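// Block-list admin page. A POST carrying "host" toggles one blockLists row and
// exits; any other request loads every block list and renders the table.
if (!class_exists('Setup', false)) {
    include 'classes/Setup.class.php';
}
if (!class_exists('Utilities', false)) {
    include 'classes/Utilities.class.php';
}
if (!class_exists('_MySQL', false)) {
    include 'classes/_MySQL.class.php';
}

// Unauthenticated visitors are sent to the login form and nothing below runs.
if (Utilities::isLoggedIn() === false) {
    header('Location: login.php?location=' . urlencode('hosts.php'));
    exit;
}

// "host" is compared against md5(host) in the query below, so only a plain
// string is meaningful. An array-valued field (host[]=...) is treated as absent
// instead of being handed to the escaping helper.
$host = (array_key_exists('host', $_POST) && is_string($_POST['host'])) ? $_POST['host'] : '';
$toggle = array_key_exists('toggle', $_POST) ? (int) $_POST['toggle'] : 0;
$titlePreFix = "Block Lists";
$user = Utilities::getAccount();
$mysql = new _MySQL();
$mysql->connect(Setup::$connectionArray);

if ($host != '') {
    // NOTE(review): this state change is gated only by the login check above; no
    // anti-CSRF token is verified in this excerpt - confirm one is enforced elsewhere.
    // toggle == 0 deactivates the list, any other integer activates it.
    $toggleSql = $toggle == 0
        ? "\n\t\t\tupdate blockLists\n\t\t\tset isActive = '0'\n\t\t\twhere md5(host) = '"
        : "\n\t\t\tupdate blockLists\n\t\t\tset isActive = '1'\n\t\t\twhere md5(host) = '";
    // The posted digest is escaped before it is placed inside the quoted literal.
    $mysql->runQuery($toggleSql . $mysql->escape($host) . "'");
    exit;
}

// Listing query: active lists first, then by today's block count.
$sql = "\nselect *\nfrom blockLists\norder by isActive desc, blocksToday desc\n";
$rs = $mysql->runQuery($sql);
include 'header.inc.php';
include 'accountSubnav.inc.php';
?> <script src="js/jquery.tablesorter.min.js"></script> <script> $(document).ready(function() {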
if (Utilities::isValidEmail($e)) { $noticeEmailAddresses .= "{$e}\n"; } } $ta = explode("\n", $textMessageEmails); $textMessageEmails = ""; foreach ($ta as $e) { $e = trim($e); if (Utilities::isValidEmail($e)) { $textMessageEmails .= "{$e}\n"; } } //TODO: make sure blacklists are domains with an ip address on them if (count($message) == 0) { //update $mysql->runQuery("\n\t\t\tupdate users set username = '******',\n\t\t\tpasswd = '" . $mysql->escape($passwdOld) . "',\n\t\t\tapiKey = '" . $mysql->escape($apiKey) . "',\n\t\t\ttwitterHandle = '" . $mysql->escape($twitterHandle) . "',\n\t\t\ttwitterHandle = '" . $mysql->escape($twitterHandle) . "',\n\t\t\tlastUpdate = '" . date('Y-m-d H:i:s') . "',\n\t\t\ttwitterHandle = '" . $mysql->escape($twitterHandle) . "',\n\t\t\tnoticeEmailAddresses = '" . $mysql->escape(trim($noticeEmailAddresses)) . "',\n\t\t\ttextMessageEmails = '" . $mysql->escape(trim($textMessageEmails)) . "',\n\t\t\tapiCallbackURL = '" . $mysql->escape($apiCallbackURL) . "',\n\t\t\tcheckFrequency = '" . $mysql->escape($checkFrequency) . "',\n\t\t\tdisableEmailNotices = {$disableEmailNotices}\n\t\t\t"); if ($beenChecked == 1) { $mysql->runQuery("update users set beenChecked = 0"); $message[] = "Check scheduled."; } if ($twitterHandle != '') { $t = new Twitter(); $t->follow($twitterHandle); } $message[] = "Account updated."; } } $user = Utilities::getAccount(); if (!$user) { //invalid account echo "<script>window.location='login.php?logout=1';</script>";
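/**
 * Check a credential against the users table.
 *
 * When $apiKey is non-empty (after trimming) the lookup is by API key alone;
 * otherwise it is by username plus the MD5 of the supplied password.
 *
 * @param string $userName account name, used only for password logins
 * @param string $passwd   clear-text password, used only for password logins
 * @param bool   $api      not consulted by this method
 * @param string $apiKey   API key; a non-empty value selects the API-key lookup
 *
 * @return int 1 when at least one row matches, 0 otherwise (including a failed query)
 */
public static function validateLogin($userName, $passwd, $api = false, $apiKey = '')
{
    $mysql = new _MySQL();
    $mysql->connect(Setup::$connectionArray);

    $sql = "\n\t\tselect username\n\t\tfrom users\n\t\twhere ";
    if (trim($apiKey) != '') {
        // NOTE(review): a non-empty API key authenticates on its own, whatever
        // $api, $userName or $passwd hold - confirm callers intend that.
        $sql .= " apiKey = '" . $mysql->escape($apiKey) . "'";
    } else {
        // NOTE(review): the listing carried a masked literal in place of the
        // username value, which left $userName unused; the lookup is bound to
        // the escaped parameter here - confirm against the upstream file.
        // Unsalted MD5 is kept only so existing stored hashes still match; plan a
        // migration to password_hash() / password_verify().
        $sql .= " passwd = '" . $mysql->escape(md5($passwd)) . "' \n\t\t\tand username = '" . $mysql->escape($userName) . "'";
    }

    $rs = $mysql->runQuery($sql);

    // MYSQLI_ASSOC replaces MYSQL_ASSOC, a constant of the removed ext/mysql that
    // is undefined on PHP 7 and later. One fetched row is enough to decide, and
    // a failed query (falsy result) counts as "no match" rather than a fatal error.
    $id = ($rs && mysqli_fetch_array($rs, MYSQLI_ASSOC)) ? 1 : 0;

    $mysql->close();

    return $id;
}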
class_exists('PHPMailer', false) or (include 'classes/class.phpmailer.php'); if (Utilities::isLoggedIn() === false) { header('Location: login.php'); exit; } $titlePreFix = "Edit Monitor Group"; $params = array_merge($_GET, $_POST); $id = array_key_exists('id', $params) ? (int) $params['id'] : 0; $groupName = array_key_exists('groupName', $params) ? substr(trim($params['groupName']), 0, 100) : ''; $domains = array_key_exists('domains', $params) ? trim(strtolower($params['domains'])) : ''; $ips = array_key_exists('ips', $params) ? trim($params['ips']) : ''; $deleteGroup = array_key_exists('deleteGroup', $params) ? trim($params['deleteGroup']) : ''; $mysql = new _MySQL(); $mysql->connect(Setup::$connectionArray); if ($deleteGroup != '') { $mysql->runQuery("delete from monitorGroup where id = {$id}"); $mysql->runQuery("delete from monitors where monitorGroupId = {$id}"); echo "<script>window.location='monitorGroup.php';</script>"; exit; } if (isset($_POST["submit"])) { //TODO: make sure blacklists are domains with an ip address on them if ($id !== 0) { //update $mysql->runQuery("\n\t\t\tupdate monitorGroup set groupName = '" . $mysql->escape($groupName) . "',\n\t\t\t\tips = '" . $mysql->escape($ips) . "',\n\t\t\t\tdomains = '" . $mysql->escape($domains) . "'\n\t\t\twhere id = {$id}\n\t\t\t"); } else { $mysql->runQuery("\n\t\t\tinsert into monitorGroup set groupName = '" . $mysql->escape($groupName) . "',\n\t\t\t\tips = '" . $mysql->escape($ips) . "',\n\t\t\t\tdomains = '" . $mysql->escape($domains) . "'\n\t\t\t"); $id = $mysql->identity; } Utilities::updateDomains($domains, $id); Utilities::updateIPs($ips, $id);
$mysql->connect(Setup::$connectionArray); $searchSQL = ''; switch ($data) { case 'changed': $searchSQL .= " and lastStatusChanged = 1 "; break; case 'blocked': $searchSQL .= " and isBlocked = 1 "; break; case 'clean': $searchSQL .= " and isBlocked = 0 "; break; case 'all': default: } $rs = $mysql->runQuery("\n\t\t\tselect ipDomain,isBlocked,rDNS,status,lastStatusChangeTime,lastUpdate\n\t\t\tfrom monitors\n\t\t\twhere 1=1 {$searchSQL}"); $result['status'] = 'success'; $result['result'] = array(); while ($row = mysqli_fetch_array($rs, MYSQL_ASSOC)) { $result['result'][] = array('host' => $row['ipDomain'], 'isBlocked' => $row['isBlocked'], 'dns' => $row['rDNS'], 'status' => unserialize($row['status']), 'lastChanged' => $row['lastStatusChangeTime'], 'lastChecked' => $row['lastUpdate']); } $mysql->close(); $localCache->set($cacheKey, $result); break; default: $result['status'] = 'no such method'; } output(); function output($data = false) { global $result;
exit; } $dir = dirname(dirname(__FILE__)); class_exists('Setup', false) or (include $dir . '/classes/Setup.class.php'); class_exists('Utilities', false) or (include $dir . '/classes/Utilities.class.php'); class_exists('_MySQL', false) or (include $dir . '/classes/_MySQL.class.php'); class_exists('_Logging', false) or (include $dir . '/classes/_Logging.class.php'); $options = getopt("h:"); $options['h'] = isset($options['h']) ? trim($options['h']) : ''; if ($options['h'] == '') { _Logging::appLog("monitorJob called without params"); exit; } $mysql = new _MySQL(); $mysql->connect(Setup::$connectionArray); $rs = $mysql->runQuery("\n\tselect *\n\tfrom monitors\n\twhere ipDomain = '" . $mysql->escape($options['h']) . "'"); while ($row = mysqli_fetch_array($rs, MYSQL_ASSOC)) { $monitor = $row; } // get blacklists Utilities::setBlockLists(); if (empty(Utilities::$domainBlacklists) === true && empty(Utilities::$ipBlacklists) === true) { _Logging::appLog("no blacklists configured"); exit; } //update monitor $result = serialize(Utilities::checkBlacklists($monitor['ipDomain'])); $isBlocked = Utilities::$isBlocked; $rdns = Utilities::lookupHostDNS($monitor['ipDomain']); $ctime = date('Y-m-d H:i:s'); $mysql->runQuery("\nupdate monitors\nset\nlastStatusChanged = 0,\nrDNS = '" . $mysql->escape($rdns) . "', \nisBlocked = {$isBlocked},\nlastUpdate = '{$ctime}', \nstatus = '" . $mysql->escape($result) . "' \nwhere ipDomain = '" . $mysql->escape($monitor['ipDomain']) . "'\n");
if ($parentProcessId == 0) { _Logging::appLog("userJob called without all params"); exit; } $m = new _MeasurePerformance(); $mysql = new _MySQL(); $mysql->connect(Setup::$connectionArray); // get the user data $user = Utilities::getAccount(); _Logging::appLog("user job started"); // get the accounts blacklists Utilities::setBlockLists(); if (empty(Utilities::$domainBlacklists) === true && empty(Utilities::$ipBlacklists) === true) { _Logging::appLog("no blacklists configured"); // mark this one as ran $mysql->runQuery("update users set beenChecked = 1, lastChecked = '" . date('Y-m-d H:i:s') . "'"); exit; } //anything to monitor? $monitorCount = Utilities::getHostCount($mysql); if ($monitorCount == 0) { _Logging::appLog("nothing to monitor"); exit; } // reset checks $mysql->runQuery("update monitors set beenChecked = 0"); // wait for results while (true) { if (!Utilities::is_process_running($parentProcessId)) { _Logging::appLog("parent died - userJob exited"); exit;
if ($monitorGroupId != 0) { $searchSQL .= " and monitorGroupId = {$monitorGroupId} "; } switch ($hostType) { case 'domains': $hostTypeSQL .= " and isDomain = 1 "; break; case 'ips': $hostTypeSQL .= " and isDomain = 0 "; break; } if ($searchS != '') { $searchSQL .= " and (\n\t\tipDomain like '%" . $mysql->escape($searchS) . "%' \n\t\tor rDNS like '%" . $mysql->escape($searchS) . "%'\n\t\tor status like '%" . $mysql->escape($searchS) . "%' ) "; } $sql = "\nselect m.isBlocked, m.lastUpdate, m.ipDomain, m.lastStatusChangeTime, m.rDNS, m.status, g.groupName, g.id\nfrom monitors m \n\tinner join monitorGroup g on g.id = m.monitorGroupId\nwhere 1=1 {$hostTypeSQL} {$searchSQL}\n{$orderSQL}\n{$limitSQL}\n"; $rs = $mysql->runQuery($sql); include 'header.inc.php'; include 'accountSubnav.inc.php'; $hostsCount = Utilities::getHostCount($mysql, $monitorGroupId); $hostsCountError = Utilities::getHostErrorCount($mysql, $monitorGroupId); ?> <script src="js/jquery.tablesorter.min.js"></script> <script> $(document).ready(function() { $("#hostTable").tablesorter(); $(".reportType").change(function() { $("#reportForm").submit(); }); $(".recentFilter").change(function() {
// Scheduled maintenance job, selected with -r <name>: rolls the block-list
// counters over or re-arms the per-frequency account checks.
set_time_limit(0);

// Refuse to run under any web SAPI, so these bulk updates cannot be triggered
// by an HTTP request.
if (php_sapi_name() !== 'cli') {
    exit;
}

$dir = dirname(dirname(__FILE__));
if (!class_exists('Setup', false)) {
    include $dir . '/classes/Setup.class.php';
}
if (!class_exists('Utilities', false)) {
    include $dir . '/classes/Utilities.class.php';
}
if (!class_exists('_MySQL', false)) {
    include $dir . '/classes/_MySQL.class.php';
}
if (!class_exists('_Logging', false)) {
    include $dir . '/classes/_Logging.class.php';
}

$options = getopt("r:");
// A missing -r becomes the empty string, which matches no case below.
$options['r'] = $options['r'] ?? '';

$mysql = new _MySQL();
$mysql->connect(Setup::$connectionArray);

// Every statement below is a fixed literal; the -r value only picks a branch
// and is never placed into SQL.
switch ($options['r']) {
    case 'blockListStats':
        // Copy today's counters into the "yesterday" columns, then zero today's.
        $mysql->runQuery("update blockLists set blocksYesterday = blocksToday, cleanYesterday = cleanToday; ");
        $mysql->runQuery("update blockLists set blocksToday = 0, cleanToday = 0; ");
        _Logging::appLog("block list stats updated");
        break;

    case 'weekly':
        $mysql->runQuery("update users set beenChecked = 0 where checkFrequency = 'weekly';");
        _Logging::appLog("weekly reset");
        break;

    case 'daily':
        $mysql->runQuery("update users set beenChecked = 0 where checkFrequency = 'daily';");
        _Logging::appLog("daily reset");
        break;

    case '8hour':
        $mysql->runQuery("update users set beenChecked = 0 where checkFrequency = '8hour';");
        _Logging::appLog("8 hour reset");
        break;
}