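// Page bootstrap: raise the time limit, validate the optional 'sensor'
// parameter, open the GeoIP database, enforce the role check, connect to the
// alert database and restore criteria/query state.
set_time_limit(300);

// 'sensor' is optional; when present it is validated as digits only.
// NOTE(review): the outcome of ossim_valid() is not checked in the visible
// code. Confirm that a failed validation stops the request before the value
// is used further down the file.
if (GET('sensor') != "") {
    ossim_valid(GET('sensor'), OSS_DIGIT, 'illegal:' . _("sensor"));
}

// Geoip
include "geoip.inc";
$gi = geoip_open("/usr/share/geoip/GeoIP.dat", GEOIP_STANDARD);

//$addr_type = ImportHTTPVar("addr_type", VAR_DIGIT);
$addr_type = 1;
// The third argument is presumably the list of accepted button labels;
// ImportHTTPVar() is defined elsewhere, verify there.
$submit = ImportHTTPVar("submit", VAR_ALPHA | VAR_SPACE, array(gettext("Delete Selected"), gettext("Delete ALL on Screen"), _ENTIREQUERY));
$dst_ip = NULL;

// Check role out and redirect if needed -- Kevin
$roleneeded = 10000;
$BUser = new BaseUser();
if ($BUser->hasRole($roleneeded) == 0 && $Use_Auth_System == 1) {
    base_header("Location: " . $BASE_urlpath . "/index.php");
    // A Location header alone does not end the request. base_header() is
    // defined elsewhere, so terminate explicitly: nothing below (database
    // connection, state handling, rendering) may run for a caller that
    // failed the role check.
    exit;
}

$et = new EventTiming($debug_time_mode);

// The below three lines were moved from line 87 because of the odd errors some users were having
/* Connect to the Alert database */
$db = NewBASEDBConnection($DBlib_path, $DBtype);
$db->baseDBConnect($db_connect_method, $alert_dbname, $alert_host, $alert_port, $alert_user, $alert_password);

$cs = new CriteriaState("base_stat_country.php", "&addr_type=1");
$cs->ReadState();

/* Dump some debugging information on the shared state */
if ($debug_mode > 0) {
    PrintCriteriaState();
}

$qs = new QueryState();
$qs->AddCannedQuery("most_frequent", $freq_num_uaddr, gettext("Most Frequent IP addresses"), "occur_d");
$qs->MoveView($submit);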
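// Reset the back-list counter and record this page in the navigation history.
$_SESSION['back_list_cnt'] = 0;
PushHistory();

// Check role out and redirect if needed -- Kevin
$roleneeded = 10000;
$BUser = new BaseUser();
//if (($Use_Auth_System == 1) && ($BUser->hasRole($roleneeded) == 0))
if ($Use_Auth_System == 1) {
    if ($BUser->hasRole($roleneeded) == 0) {
        base_header("Location: {$BASE_urlpath}/index.php");
        // Terminate explicitly so the page below is never rendered for a
        // caller that failed the role check, whatever base_header() (defined
        // elsewhere) does after sending the header.
        exit;
    }
}

// Set cookie to use the correct db.
// Only the literal "no" selects the event database; any other value selects
// the archive, so the cookie can only ever hold 0 or 1.
// NOTE(review): the cookie is set with default attributes (no HttpOnly,
// Secure or SameSite) and the switch is triggered by a plain GET request.
// Confirm that is acceptable for this deployment.
if (isset($_GET['archive'])) {
    $value = ("no" === $_GET['archive']) ? 0 : 1;
    setcookie('archive', $value);
    base_header("Location: {$BASE_urlpath}/base_main.php");
    // The redirect completes this request; do not fall through to rendering.
    exit;
}

/**
 * Echo the link that switches between the event and the archive database.
 *
 * Prints "Use Event Database" when the archive is currently selected (by the
 * 'archive' cookie or the 'archive' query parameter), "Use Archive Database"
 * when it is not selected and the global $archive_exists is non-zero, and
 * nothing otherwise.
 */
function DBLink()
{
    // generate the link to select the other database....
    global $archive_exists;

    $archiveByCookie = isset($_COOKIE['archive']) && $_COOKIE['archive'] == 1;
    $archiveByQuery = isset($_GET['archive']) && $_GET['archive'] == 1;

    if ($archiveByCookie || $archiveByQuery) {
        echo '<a href="base_main.php?archive=no">' . gettext("Use Event Database") . '</a>';
    } elseif ($archive_exists != 0) {
        echo '<a href="base_main.php?archive=1">' . gettext("Use Archive Database") . '</a>';
    }
}
?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN" "http://www.w3.org/TR/html4/frameset.dtd"> <!-- <?php echo gettext("Statistical Overview");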
// Fragment of the role-administration action switch. The switch header and
// the preceding case start above this excerpt, and the "list" case continues
// below it.
$form = $form . "</tr></table></form>";
$pagebody = $form;
break;
case "updaterole":
    // Updates role from above form....
    // All three values come straight from the POST body and pass through
    // filterSql() (defined elsewhere) before reaching updateRole().
    // NOTE(review): no authorization check or anti-CSRF token is visible in
    // this fragment. Confirm both are enforced earlier in the file, and that
    // role_id is constrained to an integer.
    $role = new BaseRole();
    $rolearray = array(filterSql($_POST['role_id']), filterSql($_POST['role_name']), filterSql($_POST['desc']));
    $role->updateRole($rolearray);
    base_header("Location: base_roleadmin.php?action=list");
    break;
case "deleterole":
    // Deletes role
    // NOTE(review): a destructive action is driven by a GET parameter, so any
    // link or embedded resource loaded by a logged-in administrator could
    // trigger it unless a token check exists elsewhere. Verify, and prefer
    // POST plus a per-session token.
    $roleid = filterSql($_GET['roleid']);
    $BRole = new BaseRole();
    $BRole->deleteRole($roleid);
    base_header("Location: base_roleadmin.php?action=list");
    break;
case "list":
    // lists the roles
    // Build table to list roles and return it as $roletable
    $role = new BaseRole();
    $roles = $role->returnRoles();
    $tmpHTML = "<TABLE CELLSPACING=0 CELLPADDING=2 BORDER=0 WIDTH='100%' BGCOLOR='#000000'><TR><TD>";
    $tmpHTML = $tmpHTML . "<table CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH='100%' BGCOLOR='#FFFFFF'>";
    $tmpHTML = $tmpHTML . "<tr><td CLASS='plfieldhdr' width=25>" . _EDIT . "</td><td CLASS='plfieldhdr' width=35> " . _DELETE . "</td><td CLASS='plfieldhdr'>" . _ID . "</td><td CLASS='plfieldhdr'>" . _NAME;
    $tmpHTML = $tmpHTML . "</td><td CLASS='plfieldhdr'>" . _DESC . "</td></tr>";
    foreach ($roles as $row) {
        //explode array rows and build table
        // Each row is a "|"-delimited string; element 0 is used as the role id.
        // The id is urlencode()d before it is placed in the href.
        // NOTE(review): role name and description originate from the
        // updaterole form. Confirm the cells built below this fragment
        // HTML-escape them before output.
        $tmpRow = explode("|", $row);
        $tmpHTML = $tmpHTML . "<tr><td align='center'><a href='base_roleadmin.php?action=editrole&roleid=" . urlencode($tmpRow[0]) . "'>";
        $tmpHTML = $tmpHTML . "<img src='" . $BASE_urlpath . "/images/button_edit.png' border='0' alt='button_edit'></a></td>";
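* if not redirect to the setup/index.php page */
// An absent or near-empty base_conf.php (under 10 bytes) is treated as
// "not installed yet" and sends the visitor to the setup wizard.
// NOTE(review): confirm setup/ is not reachable on installed systems.
if (!file_exists('base_conf.php') || filesize('base_conf.php') < 10) {
    header('Location: setup/index.php');
    die;
}

require "base_conf.php";
include "{$BASE_path}/includes/base_include.inc.php";
include_once "{$BASE_path}/base_db_common.php";
include_once "{$BASE_path}/base_common.php";

$errorMsg = "";
$displayError = 0;
$noDisplayMenu = 1;

// Redirect to base_main.php if auth system is off
if ($Use_Auth_System == 0) {
    base_header("Location: base_main.php");
    // End the request explicitly; base_header() is defined elsewhere and the
    // login handling below must not run once the redirect has been issued.
    exit;
}

if (isset($_POST['submit'])) {
    $debug_mode = 0; // wont login with debug_mode
    $BASEUSER = new BaseUser();
    // NOTE(review): both fields pass through filterSql() (defined elsewhere)
    // before Authenticate(). If that helper rewrites characters, the password
    // being checked differs from what the user typed. Confirm it matches how
    // the stored credential was produced.
    $user = filterSql($_POST['login']);
    $pwd = filterSql($_POST['password']);

    // Authenticate() returning 0 is treated as success.
    // NOTE(review): session-id regeneration and failed-attempt throttling are
    // not visible in this fragment. Confirm Authenticate() handles them.
    if ($BASEUSER->Authenticate($user, $pwd) == 0) {
        header("Location: base_main.php");
        exit;
    }

    // Reaching this point means a submitted login was rejected. The error
    // belongs here, not on the "form not submitted" branch: previously the
    // else was attached to the outer isset() test, so a first visit showed
    // the failure message and a real failed login showed nothing.
    // The message deliberately does not say which of the two fields was wrong.
    $displayError = 1;
    $errorMsg = gettext("User does not exist or your password was incorrect!<br>Please try again");
}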
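** Copyright (C) 2009 OSSIM/AlienVault
** Copyright (C) 2004 BASE Project Team
** Copyright (C) 2000 Carnegie Mellon University
**
** (see the file 'base_main.php' for license details)
**
** Built upon work by Roman Danyliw <*****@*****.**>, <*****@*****.**>
** Built upon work by the BASE Project Team <*****@*****.**>
*/
// Administration landing page: load configuration and libraries, restore
// criteria state, enforce the role check, then print the admin menu.
// NOTE(review): the configuration is pulled in with include, which only
// raises a warning when the file is missing; require would stop the request.
include "../base_conf.php";
include "{$BASE_path}/includes/base_constants.inc.php";
include "{$BASE_path}/includes/base_include.inc.php";
include_once "{$BASE_path}/base_db_common.php";
include_once "{$BASE_path}/base_common.php";
include_once "{$BASE_path}/base_stat_common.php";

$et = new EventTiming($debug_time_mode);
$cs = new CriteriaState("admin/index.php");
$cs->ReadState();

// Check role out and redirect if needed -- Kevin
$roleneeded = 1;
$BUser = new BaseUser();
if ($BUser->hasRole($roleneeded) == 0 && $Use_Auth_System == 1) {
    base_header("Location: " . $BASE_urlpath . "/base_main.php");
    // Terminate explicitly so the admin menu below is never emitted for a
    // caller that failed the role check, whatever base_header() (defined
    // elsewhere) does after sending the header.
    exit;
}

$page_title = _BASEADMIN;
PrintBASESubHeader($page_title, $page_title, $cs->GetBackLink(), 1);
PrintBASEAdminMenuHeader();
echo _BASEADMINTEXT;
PrintBASEAdminMenuFooter();
PrintBASESubFooter();
echo "</body>\r\n</html>";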
// Fragment of the user-administration action switch. The switch header and
// the start of the preceding (disable) case are above this excerpt, and the
// "list" case continues below it.
$BUser->disableUser($userid);
base_header("Location: base_useradmin.php?action=list");
break;
case "enableuser":
    // enable user -- Kevin
    // NOTE(review): account state is changed from a GET parameter. No
    // authorization check or anti-CSRF token is visible in this fragment;
    // confirm both are enforced earlier in the file.
    $userid = filterSql($_GET['userid']);
    $BUser = new BaseUser();
    $BUser->enableUser($userid);
    base_header("Location: base_useradmin.php?action=list");
    break;
case "deleteuser":
    // Deletes user
    // NOTE(review): a destructive action is driven by a GET parameter, so any
    // link or embedded resource loaded by a logged-in administrator could
    // trigger it unless a token check exists elsewhere. Verify, and prefer
    // POST plus a per-session token. userid passes only through filterSql()
    // (defined elsewhere); confirm it is constrained to an integer.
    $userid = filterSql($_GET['userid']);
    $BUser = new BaseUser();
    $BUser->deleteUser($userid);
    base_header("Location: base_useradmin.php?action=list");
    break;
case "list":
    // Build table to list users and return it as $usertable
    $user = new BaseUser();
    $users = $user->returnUsers();
    $tmpHTML = "<TABLE CELLSPACING=0 CELLPADDING=2 BORDER=0 WIDTH='100%' BGCOLOR='#000000'><TR><TD>";
    $tmpHTML = $tmpHTML . "<table CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH='100%' BGCOLOR='#FFFFFF'>";
    $tmpHTML = $tmpHTML . "<tr><td CLASS='plfieldhdr' width=25>" . _EDIT . "</td><td CLASS='plfieldhdr' width=35> " . _DELETE . "</td><td CLASS='plfieldhdr'>" . _ID . "</td><td CLASS='plfieldhdr'>" . _LOGIN;
    $tmpHTML = $tmpHTML . "</td><td CLASS='plfieldhdr'>" . _ROLEID . "</td><td CLASS='plfieldhdr'>" . _NAME;
    $tmpHTML = $tmpHTML . "</td><td CLASS='plfieldhdr'>" . _ENABLED . "</td></tr>";
    // Verify that we have a user in the db --Kevin
    // returnUsers() apparently yields "" when there are no rows, hence the
    // comparison against an empty string before iterating.
    if ($users != "") {
        foreach ($users as $row) {
            //explode array rows and build table
            // Each row is a "|"-delimited string.
            // NOTE(review): login and full name are user-supplied. Confirm the
            // cells built below this fragment HTML-escape them before output.
            $tmpRow = explode("|", $row);