$page = 1;
}
// First time we visit this page, show by default only Open incidents
// when GET() returns NULL, means that the param is not set
if (GET('status') === null) {
$status = 'Open';
}
$db = new ossim_db();
$conn = $db->connect();
// Close selected tickets
if (GET('close') == _("Close selected")) {
foreach ($_GET as $k => $v) {
if (preg_match("/^ticket\\d+/", $k) && $v != "") {
$idprio = explode("_", $v);
if (is_numeric($idprio[0]) && is_numeric($idprio[1])) {
Incident_ticket::insert($conn, $idprio[0], "Closed", $idprio[1], Session::get_session_user(), " ", "", "", array(), null);
}
}
}
}
$criteria = array('ref' => $ref, 'type' => $type, 'title' => $title, 'submitter' => $submitter, 'in_charge' => $in_charge, 'with_text' => $with_text, 'status' => $status, 'priority_str' => $priority, 'attach_name' => $attachment, 'related_to_user' => $related_to_user, 'tag' => $tag);
$incident_tag = new Incident_tag($conn);
?>
<!-- filter -->
<form name="filter" id="filter" method="GET" action="<?php
echo $_SERVER["SCRIPT_NAME"];
?>
">
<input type="hidden" name="page" id="page" value=""/>
<?php
?>
')"/>
<input type="submit" name="save" value="<?php
echo _('Save Template');
?>
" class="button" />
</p>
</form>
<?php
if ($preview) {
foreach ($labels as $k => $data) {
$values[$k] = $data['sample'];
}
$subject = Incident_ticket::build_email_template($subject_tpl, $values);
$body = Incident_ticket::build_email_template($body_tpl, $values);
?>
<table align="center" width="80%">
<tr>
<th valign="middle" width="10%" style="text-align: center;"><?php
echo _("Subject");
?>
:</td>
<td valign="top" style="text-align: left;"><pre><?php
echo $subject;
?>
</pre></td>
</tr>
<tr>
<th valign="middle" width="10%" style="text-align: center;"><?php
echo _("Body");
if (GET('close') == _('Close selected')) {
foreach ($_GET as $k => $cst_inc_id) {
if (preg_match("/^ticket\\d+/", $k) && $cst_inc_id != '') {
list($cst_incident) = Incident::search($conn, array('incident_id' => $cst_inc_id));
if (is_object($cst_incident) && !empty($cst_incident)) {
//Incident is not already closed
$cst_prev_status = $cst_incident->get_status();
if ($cst_prev_status != 'Closed' && Incident::user_incident_perms($conn, $cst_inc_id, 'closed')) {
$cst_status = 'Closed';
$cst_priority = $cst_incident->get_priority();
$cst_user = Session::get_session_user();
$cst_description = sprintf(_('Ticket automatically closed by %s'), $cst_user);
$cst_action = sprintf(_('Change ticket status from %s to Closed'), ucfirst($cst_incident->get_status()));
$cst_transferred = NULL;
$cst_tags = $cst_incident->get_tags();
Incident_ticket::insert($conn, $cst_inc_id, $cst_status, $cst_priority, $cst_user, $cst_description, $cst_action, $cst_transferred, $cst_tags);
}
}
}
}
}
$criteria = array('ref' => $ref, 'type' => $type, 'title' => $title, 'submitter' => $submitter, 'in_charge' => $in_charge, 'with_text' => $with_text, 'status' => $status, 'priority_str' => $priority, 'attach_name' => $attachment, 'related_to_user' => $related_to_user, 'tag' => $tag);
?>
<!-- filter -->
<form name="filter" id="filter" method="GET" action="<?php
echo $_SERVER["SCRIPT_NAME"];
?>
">
<input type="hidden" name="page" id="page" value=""/>
<?php
<tr><td>
<?php
if ($screen == "status") {
echo "<style>div.legend td.legendLabel { border:0 none; width:120px }</style>";
// Get unresolved INCIDENTS
if (!$order_by) {
$order_by = 'life_time';
$order_mode = 'ASC';
}
$incident_list = Incident::search($conn, array("status" => "Open"), $order_by, $order_mode, 1, 10);
$unresolved_incidents = Incident::search_count($conn);
//$incident_list = Incident::get_list($conn, "ORDER BY date DESC");
$incident_list = Incident::search($conn, array(), "date", "DESC", 1, 1);
$incident_date1 = $incident_list[0] ? $incident_list[0]->get_date() : 0;
$incident_ticket_list = Incident_ticket::get_list($conn, "ORDER BY date DESC LIMIT 1");
$incident_date2 = $incident_ticket_list[0] ? $incident_ticket_list[0]->get_date() : 0;
if ($incident_list[0] || $incident_ticket_list[0]) {
$incident_date = strtotime($incident_date1) > strtotime($incident_date2) ? $incident_date1 : $incident_date2;
if ($incident_date == 0) {
$incident_date = "__/__/__ --:--:--";
}
}
//$incident_list = Incident::get_list($conn, "ORDER BY priority DESC");
$incident_list = Incident::search($conn, array("status" => "Open"), "priority", "DESC", 1, 1);
$incident_max_priority = $incident_list[0] ? $incident_list[0]->get_priority() : "-";
$incident_max_priority_id = $incident_list[0] ? $incident_list[0]->get_id() : "0";
// Get unresolved ALARMS
$unresolved_alarms = Alarm::get_count($conn);
list($alarm_date, $alarm_date_id) = Alarm::get_max_byfield($conn, "timestamp");
list($alarm_max_risk, $alarm_max_risk_id) = Alarm::get_max_byfield($conn, "risk");
$save = true;
$subject_tpl = $body_tpl = '';
}
// Save values in the "config" table
if ($save) {
Incident_ticket::save_email_template($subject_tpl, $body_tpl);
header("Location: " . $_SERVER['SCRIPT_NAME']);
exit;
}
// First time, get the default templates. They are defined
// inside the function: Incident_ticket::get_email_template()
if (!$subject_tpl) {
$subject_tpl = Incident_ticket::get_email_template('subject');
}
if (!$body_tpl) {
$body_tpl = Incident_ticket::get_email_template('body');
}
$labels = array('ID' => array('help' => _("The Ticket database ID"), 'sample' => '63'), 'INCIDENT_NO' => array('help' => _("The ticket human-oriented reference"), 'sample' => 'ALA63'), 'TITLE' => array('help' => _("The ticket resume"), 'sample' => _("Detected MAC change in DMZ")), 'EXTRA_INFO' => array('help' => _("Related ticket information"), 'sample' => "Source IPs: 10.10.10.10\n" . "Source Ports: 2267\n" . "Dest. IPs: 10.10.10.11\n" . "Dest. Ports: 22\n"), 'IN_CHARGE_NAME' => array('help' => _("The person currently in charge of solving the ticket"), 'sample' => 'John Smith'), 'IN_CHARGE_LOGIN' => array('help' => _("The login of the person currently in charge of solving the ticket"), 'sample' => 'jsmith'), 'IN_CHARGE_EMAIL' => array('help' => _("The email of the person currently in charge of solving the ticket"), 'sample' => '*****@*****.**'), 'IN_CHARGE_DPTO' => array('help' => _("The department of the person currently in charge of solving the ticket"), 'sample' => 'Tech Support'), 'IN_CHARGE_COMPANY' => array('help' => _("The company of the person currently in charge of solving the ticket"), 'sample' => 'Example Inc.'), 'PRIORITY_NUM' => array('help' => _("The priority of the ticket in numbers from 1 (low) to 10 (high)"), 'sample' => 8), 'PRIORITY_STR' => array('help' => _("The priority in string format: Low, Medium or High"), 'sample' => 'High'), 'TAGS' => array('help' => _("The extra labels of information attached to the ticket"), 'sample' => "NEED_MORE_INFO, FALSE_POSITIVE"), 'CREATION_DATE' => array('help' => _("When was the ticket created"), 'sample' => '2005-10-18 19:30:53'), 'STATUS' => array('help' => _("What's the current status: Open or Close"), 'sample' => 'Open'), 'CLASS' => array('help' => _("The type of ticket: Alarm, Event, Metric..."), 'sample' => 'Alarm'), 'TYPE' => array('help' => _("The ticket category or group"), 'sample' => 'Policy Violation'), 'LIFE_TIME' => array('help' => _("The time passed since the creation of the ticket"), 'sample' => '1 Day, 10:13'), 'TICKET_DESCRIPTION' => array('help' => _("The description filled by the ticket author"), 'sample' => 'Detected a MAC change on dmz1.int host'), 'TICKET_ACTION' => array('help' => _("The action filled by the ticket author"), 'sample' => 'Investigate the ticket asap'), 'TICKET_AUTHOR_NAME' => array('help' => _("The person who just created a new ticket"), 'sample' => 'Sam Max'), 'TICKET_AUTHOR_EMAIL' => array('help' => _("The email of the ticket author"), 'sample' => '*****@*****.**'), 'TICKET_AUTHOR_DPTO' => array('help' => _("The department of the ticket author"), 'sample' => 'Network Operations'), 'TICKET_AUTHOR_COMPANY' => array('help' => _("The company of the ticket author"), 'sample' => 'Same Example Inc.'), 'TICKET_EMAIL_CC' => array('help' => _("Who (Name and Email) received this email too"), 'sample' => "\"John Smith\" <*****@*****.**>\n\"Sam Max\" <*****@*****.**>"), 'TICKET_HISTORY' => array('help' => _("The complete list of tickets related to this ticket"), 'sample' => '-- Here goes the list of tickets --'), 'TICKET_INVERSE_HISTORY' => array('help' => _("The complete list of tickets related to this ticket") . " (" . _("reverse order") . ")", 'sample' => '-- Here goes the reversed list of tickets --'));
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title> <?php
echo gettext("OSSIM Framework");
?>
</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<meta http-equiv="Pragma" content="no-cache"/>
<link rel="stylesheet" type="text/css" href="../style/av_common.css?t=<?php
echo Util::get_css_id();
$data['data'] = $validation_errors;
if (is_array($validation_errors) && !empty($validation_errors)) {
$data['status'] = 'error';
echo json_encode($data);
} else {
$data['status'] = 'OK';
echo json_encode($data);
}
exit;
} else {
if (is_array($validation_errors) && !empty($validation_errors)) {
$data['status'] = 'error';
$data['data'] = $validation_errors;
} else {
$data['status'] = 'OK';
Incident_ticket::delete($conn, $ticket_id);
$db->close();
header("Location: incident.php?id={$incident_id}&edit={$edit}");
exit;
}
}
} elseif ($action == 'e_subscription') {
$incident_id = $_POST['incident_id'] = GET('incident_id');
$login = POST('login');
$validate = array('incident_id' => array('validation' => 'OSS_DIGIT', 'e_message' => 'illegal:' . _('Incident ID')), 'login' => array('validation' => 'OSS_USER_2', 'e_message' => 'illegal:' . _('Email changes to')));
$validation_errors = validate_form_fields('POST', $validate);
if (is_array($validation_errors) && empty($validation_errors)) {
if (!Incident::user_incident_perms($conn, $incident_id, $action)) {
$validation_errors['extended_validatation'] = _('You are not allowed to subscribe a new user because you are neither *admin* or the ticket owner');
}
}
?>
<table width="100%" cellspacing="2" align="center">
<!-- ticket head -->
<tr>
<th width="78%" nowrap='nowrap'><strong><?php
echo format_user($creator);
?>
</strong> - <?php
echo $date;
?>
</th>
<td style="text-align:left; padding-left:3px;">
<?php
/* Check permissions to delete a ticket*/
if ($i == count($tickets_list) - 1 && Incident_ticket::user_tickets_perms($conn, $ticket_id)) {
?>
<input type="button" name="deleteticket" class="lbutton" value="<?php
echo _("Delete ticket");
?>
" onclick="delete_comment('<?php
echo $ticket_id;
?>
', '<?php
echo $id;
?>
')"/>
<?php
}
?>
set_include_path('/usr/share/ossim/include');
require_once 'av_init.php';
$conf = $GLOBALS["CONF"];
$mdays = $conf->get_conf("tickets_max_days");
$send_mail = strtolower($conf->get_conf("tickets_send_mail"));
if ($send_mail == "no") {
exit;
}
$db = new ossim_db();
$conn = $db->connect();
$user = '******';
// login the user
$session = new Session($user, '', '');
$session->login(TRUE);
$dbpass = $conn->GetOne('SELECT pass FROM users WHERE login = ?', array($user));
$client = new Alienvault_client($user);
$client->auth()->login($user, $dbpass);
if ($result = $conn->execute("SELECT * FROM incident_tmp_email")) {
while (!$result->EOF) {
$incident_id = $result->fields["incident_id"];
$ticket_id = $result->fields["ticket_id"];
Incident_ticket::mail_notification($conn, $incident_id, $ticket_id);
if (ossim_error()) {
echo ossim_error() . "\n";
}
ossim_set_error(FALSE);
$conn->Execute('DELETE FROM incident_tmp_email WHERE incident_id = ?', array($incident_id));
$result->MoveNext();
}
}
$db->close($conn);
header("Location: incident.php?id={$id}&edit={$edit}&nohmenu=1");
} else {
header("Location: incident.php?id={$id}&edit={$edit}");
}
exit;
}
/* Remove a ticket */
if ($action == 'delticket') {
if (!GET('ticket_id')) {
die("Invalid Ticket ID");
}
// Only admin, entity admin and ticket owner
if (!Incident_ticket::user_tickets_perms($conn, GET('ticket_id'))) {
die_error(_("You are not allowed to delete this ticket because you are neither *admin* or the ticket owner"));
}
Incident_ticket::delete($conn, GET('ticket_id'));
if (intval(POST('nohmenu')) == 1) {
header("Location: incident.php?id={$id}&edit={$edit}&nohmenu=1");
} else {
header("Location: incident.php?id={$id}&edit={$edit}");
}
exit;
}
/* Remove an incident */
if ($action == 'delincident') {
// Only admin, entity admin and ticket owner
if (!Incident::user_incident_perms($conn, $id, $action)) {
die_error(_("You are not allowed to delete this incident because you are neither *admin* or the ticket owner"));
}
Incident::delete($conn, $id);
header("Location: ./");
