Ejemplo n.º 1
0
function list_results($type, $value, $ctx_filter, $sortby, $sortdir)
{
    global $allres, $offset, $pageSize, $dbconn;
    global $user, $arruser;
    $dbconn->SetFetchMode(ADODB_FETCH_BOTH);
    $filteredView = FALSE;
    $selRadio = array("", "", "", "");
    $query_onlyuser = "";
    $url_filter = "";
    // Deprecated filter
    //if(!empty($arruser)) {$query_onlyuser = "******";}
    $sortby = "t1.results_sent DESC, t1.hostIP DESC";
    $sortdir = "";
    $queryw = "";
    $queryl = "";
    $querys = "SELECT distinct t1.hostIP, HEX(t1.ctx) as ctx, t1.scantime, t1.username, t1.scantype, t1.report_key, t1.report_type as report_type, t1.sid, t3.name as profile\n    FROM vuln_nessus_latest_reports AS t1 LEFT JOIN vuln_nessus_settings AS t3 ON t1.sid = t3.id, vuln_nessus_latest_results AS t5\n    WHERE\n    t1.hostIP      = t5.hostIP\n    AND t1.ctx     = t5.ctx\n    AND t1.deleted = '0' ";
    // set up the SQL query based on the search form input (if any)
    if ($type == "scantime" && $value != "") {
        $selRadio[0] = "CHECKED";
        $q = $value;
        $queryw = " AND t1.scantime LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}";
        $queryl = " limit {$offset},{$pageSize}";
        $stext = "<b>" . _("Search for Date/Time") . "</b> = '*{$q}*'";
        $url_filter = "&type={$type}&value={$value}";
    } else {
        if ($type == "service" && $value != "") {
            $selRadio[5] = "CHECKED";
            $q = $value;
            $queryw = " AND t5.service LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}";
            $queryl = " limit {$offset},{$pageSize}";
            $stext = "<b>" . _("Search for Service") . "</b> = '*" . html_entity_decode($q) . "*'";
            $url_filter = "&type={$type}&value={$value}";
        } else {
            if ($type == "freetext" && $value != "") {
                $selRadio[6] = "CHECKED";
                $q = $value;
                $queryw = " AND t5.msg LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}";
                $queryl = " limit {$offset},{$pageSize}";
                $stext = "<b>" . _("Search for Free Text") . "</b> = '*" . html_entity_decode($q) . "*'";
                $url_filter = "&type={$type}&value={$value}";
            } else {
                if ($type == "hostip" && $value != "") {
                    $selRadio[1] = "CHECKED";
                    $q = strtolower($value);
                    $queryw = " t1.hostIP LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}";
                    $queryl = " limit {$offset},{$pageSize}";
                    $stext = "<b>" . _("Search for Host-IP") . "</b> = '*{$q}*'";
                    $url_filter = "&type={$type}&value={$value}";
                } else {
                    if ($type == "fk_name" && $value != "") {
                        $selRadio[2] = "CHECKED";
                        $q = strtolower($value);
                        $queryw = " AND t1.fk_name LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}";
                        $queryl = " limit {$offset},{$pageSize}";
                        $stext = _("Search for Subnet/CIDR") . " = '*{$q}*'";
                        $url_filter = "&type={$type}&value={$value}";
                    } else {
                        if ($type == "username" && $value != "") {
                            $selRadio[3] = "CHECKED";
                            $q = strtolower($value);
                            $queryw = " AND t1.username LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}";
                            $queryl = " limit {$offset},{$pageSize}";
                            $stext = "<b>" . _("Search for user") . "</b> = '*{$q}*'";
                            $url_filter = "&type={$type}&value={$value}";
                        } else {
                            if ($type == "hn" && $value != "") {
                                if (!empty($ctx_filter)) {
                                    $queryw = " AND t1.ctx=UNHEX('{$ctx_filter}')";
                                }
                                $selRadio[4] = "CHECKED";
                                if (preg_match("/\\//", $value)) {
                                    $ip_range = array();
                                    $ip_range = Cidr::expand_CIDR($value, "SHORT");
                                    $queryw .= " AND (inet_aton(t1.hostIP) >= '" . $ip_range[0] . "' AND inet_aton(t1.hostIP) <='" . $ip_range[1] . "') {$query_onlyuser} order by {$sortby} {$sortdir}";
                                } elseif (preg_match("/\\,/", $value)) {
                                    $q = implode("','", explode(",", $value));
                                    $queryw .= " AND t1.hostIP in ('{$q}') {$query_onlyuser} order by {$sortby} {$sortdir}";
                                    $q = "Others";
                                } else {
                                    $q = $value;
                                    $queryw .= " AND t1.hostIP LIKE '{$q}' {$query_onlyuser} order by {$sortby} {$sortdir}";
                                }
                                $queryl = " limit {$offset},{$pageSize}";
                                if (!preg_match("/\\//", $value)) {
                                    $stext = "<b>" . _("Search for Host") . "</b> = '" . html_entity_decode($q) . "'";
                                } else {
                                    $stext = "<b>" . _("Search for Subnet/CIDR") . "</b> = '{$value}'";
                                }
                                $url_filter = "&type={$type}&value={$value}";
                            } else {
                                $selRadio[4] = "CHECKED";
                                $viewAll = FALSE;
                                $queryw = "{$query_onlyuser} order by {$sortby} {$sortdir}";
                                $queryl = " limit {$offset},{$pageSize}";
                                $stext = "";
                            }
                        }
                    }
                }
            }
        }
    }
    // set up the pager and search fields if viewing all hosts
    $reportCount = 0;
    if (!$filteredView) {
        $dbconn->Execute(str_replace("SELECT distinct", "SELECT SQL_CALC_FOUND_ROWS distinct", $querys) . $queryw);
        $reportCount = $dbconn->GetOne("SELECT FOUND_ROWS() as total");
        $previous = $offset - $pageSize;
        if ($previous < 0) {
            $previous = 0;
        }
        $last = intval($reportCount / $pageSize) * $pageSize;
        if ($last < 0) {
            $last = 0;
        }
        $next = $offset + $pageSize;
        $pageEnd = $offset + $pageSize;
        $value = html_entity_decode($value);
        //echo "<center><table cellspacing='0' cellpadding='0' border='0' width='100%'><tr><td class='headerpr' style='border:0;'>"._("Current Vulnerablities")."</td></tr></table>";
        // output the search form
        echo "<table class='w100 transparent'>";
        echo "<tr><td class='sec_title'>" . _("Asset Vulnerability Details") . "</td></tr>";
        echo "<tr><td style='padding:12px 0px 0px 0px;' class='transparent'>";
        ?>
    <div id='cvleftdiv'>
        <a id="new_scan_button" class="button" href="<?php 
        echo Menu::get_menu_url(AV_MAIN_PATH . '/vulnmeter/sched.php?action=create_scan&hosts_alive=1&scan_locally=1', 'environment', 'vulnerabilities', 'scan_jobs');
        ?>
" style="text-decoration:none;">
        <?php 
        echo _("New Scan Job");
        ?>
        </a>
    </div>
    <div id='cvrightdiv'>

<?php 
        echo '<form name="hostSearch" id="hostSearch" action="index.php" method="GET">
<input type="text" length="25" name="value" id="assets" class="assets" style="margin:0px !important;" value="' . Util::htmlentities($value) . '">';
        // cvfiltertype -> current vulnerabilities filter type
        echo "\n<input type=\"radio\" name=\"type\" value=\"service\" {$selRadio['5']}>" . _("Service") . "\n<input type=\"radio\" name=\"type\" value=\"freetext\" {$selRadio['6']}>" . _("Free text") . "\n<input type=\"radio\" name=\"type\" value=\"hn\" {$selRadio['4']}>" . _("Host/Net") . "\n";
        echo "<input type=\"submit\" name=\"submit\" value=\"" . _("Find") . "\" id=\"current_vulns_find_button\" class=\"av_b_secondary small\" style=\"margin-left:15px;\">";
        echo <<<EOT
</form>
</p>
EOT;
    } else {
        // get the search result count
        $queryc = "SELECT count( report_id ) FROM vuln_nessus_latest_reports WHERE t1.deleted = '0' ";
        $scount = $dbconn->GetOne($queryc . $queryw);
        echo "<p>{$scount} report";
        if ($scount != 1) {
            echo "s";
        } else {
        }
        echo " " . _("found matching search criteria") . " | ";
        echo " <a href='index.php' alt='" . _("View All Reports") . "'>" . _("View All Reports") . "</a></p>";
    }
    echo "<p>";
    echo $stext;
    echo "</p>";
    echo "</div></td></tr></table>";
    $result = array();
    // get the hosts to display
    $result = $dbconn->GetArray($querys . $queryw . $queryl);
    // main query
    //echo $querys.$queryw.$queryl;
    $delete_ids = array();
    if (count($result) > 0) {
        foreach ($result as $rpt) {
            $delete_ids[] = $dreport_id = $rpt["report_id"];
        }
    }
    $_SESSION["_dreport_ids"] = implode(",", $delete_ids);
    //echo "$querys$queryw$queryl";
    if ($result === false) {
        $errMsg[] = _("Error getting results") . ": " . $dbconn->ErrorMsg();
        $error++;
        dispSQLError($errMsg, $error);
    } else {
        $data['vInfo'] = 0;
        $data['vLow'] = 0;
        $data['vMed'] = 0;
        $data['vHigh'] = 0;
        $data['vSerious'] = 0;
        $perms_where = Asset_host::get_perms_where('host.', TRUE);
        if (!empty($perms_where)) {
            $queryt = "SELECT count(lr.result_id) AS total, lr.risk, lr.hostIP, HEX(lr.ctx) AS ctx\n                        FROM vuln_nessus_latest_results lr, host, host_ip hi\n                        WHERE host.id=hi.host_id AND inet6_ntoa(hi.ip)=lr.hostIP {$perms_where} AND falsepositive='N'\n                        GROUP BY risk, hostIP, ctx";
        } else {
            $queryt = "SELECT count(lr.result_id) AS total, risk, lr.hostIP, HEX(lr.ctx) AS ctx\n                        FROM vuln_nessus_latest_results lr\n                        WHERE falsepositive='N'\n                        GROUP BY risk, hostIP, ctx";
        }
        //echo "$queryt<br>";
        $resultt = $dbconn->Execute($queryt);
        while (!$resultt->EOF) {
            $riskcount = $resultt->fields['total'];
            $risk = $resultt->fields['risk'];
            if ($risk == 7) {
                $data['vInfo'] += $riskcount;
            } else {
                if ($risk == 6) {
                    $data['vLow'] += $riskcount;
                } else {
                    if ($risk == 3) {
                        $data['vMed'] += $riskcount;
                    } else {
                        if ($risk == 2) {
                            $data['vHigh'] += $riskcount;
                        } else {
                            if ($risk == 1) {
                                $data['vSerious'] += $riskcount;
                            }
                        }
                    }
                }
            }
            $resultt->MoveNext();
        }
        if ($data['vInfo'] == 0 && $data['vLow'] == 0 && $data['vMed'] == 0 && $data['vHigh'] == 0 && $data['vSerious'] == 0) {
            $tdata[] = array("report_id" => "All", "host_name" => "", "scantime" => "", "username" => "", "scantype" => "", "report_key" => "", "report_type" => "", "sid" => "", "profile" => "", "hlink" => "", "plink" => "", "xlink" => "", "vSerious" => $data['vSerious'], "vHigh" => $data['vHigh'], "vMed" => $data['vMed'], "vLow" => $data['vLow'], "vInfo" => $data['vInfo']);
        } else {
            $tdata[] = array("report_id" => "All", "host_name" => "", "scantime" => "", "username" => "", "scantype" => "", "report_key" => "", "report_type" => "", "sid" => "", "profile" => "", "hlink" => "lr_reshtml.php?ipl=all&disp=html&output=full&scantype=M", "plink" => "lr_respdf.php?ipl=all&scantype=M", "xlink" => "lr_rescsv.php?ipl=all&scantype=M", "dlink" => "", "vSerious" => $data['vSerious'], "vHigh" => $data['vHigh'], "vMed" => $data['vMed'], "vLow" => $data['vLow'], "vInfo" => $data['vInfo']);
        }
        foreach ($result as $data) {
            if (!Session::hostAllowed_by_ip_ctx($dbconn, $data["hostIP"], $data["ctx"])) {
                continue;
            }
            $host_id = key(Asset_host::get_id_by_ips($dbconn, $data["hostIP"], $data["ctx"]));
            if (valid_hex32($host_id)) {
                $data['host_name'] = Asset_host::get_name_by_id($dbconn, $host_id);
            }
            $data['vSerious'] = 0;
            $data['vHigh'] = 0;
            $data['vMed'] = 0;
            $data['vLow'] = 0;
            $data['vInfo'] = 0;
            // query for reports for each IP
            $query_risk = "SELECT distinct risk, port, protocol, app, scriptid, msg, hostIP FROM vuln_nessus_latest_results WHERE hostIP = '" . $data['hostIP'];
            $query_risk .= "' AND username = '******'username'] . "' AND sid =" . $data['sid'] . " AND ctx = UNHEX('" . $data['ctx'] . "') AND falsepositive='N'";
            $result_risk = $dbconn->Execute($query_risk);
            while (!$result_risk->EOF) {
                if ($result_risk->fields["risk"] == 7) {
                    $data['vInfo']++;
                } else {
                    if ($result_risk->fields["risk"] == 6) {
                        $data['vLow']++;
                    } else {
                        if ($result_risk->fields["risk"] == 3) {
                            $data['vMed']++;
                        } else {
                            if ($result_risk->fields["risk"] == 2) {
                                $data['vHigh']++;
                            } else {
                                if ($result_risk->fields["risk"] == 1) {
                                    $data['vSerious']++;
                                }
                            }
                        }
                    }
                }
                $result_risk->MoveNext();
            }
            $data['plink'] = "lr_respdf.php?treport=latest&ipl=" . urlencode($data['hostIP']) . "&ctx=" . $data['ctx'] . "&scantype=" . $data['scantype'];
            $data['hlink'] = "lr_reshtml.php?treport=latest&ipl=" . urlencode($data['hostIP']) . "&ctx=" . $data['ctx'] . "&scantype=" . $data['scantype'];
            $data['xlink'] = "lr_rescsv.php?treport=latest&ipl=" . urlencode($data['hostIP']) . "&ctx=" . $data['ctx'] . "&scantype=" . $data['scantype'];
            if (Session::am_i_admin()) {
                $data['dlink'] = "index.php?delete=" . $data['report_key'] . "&scantime=" . $data['scantime'];
            }
            $list = explode("\n", trim($data['meth_target']));
            if (count($list) == 1) {
                $list[0] = trim($list[0]);
                $data['target'] = resolve_asset($dbconn, $list[0]);
            } elseif (count($list) == 2) {
                $list[0] = trim($list[0]);
                $list[0] = resolve_asset($dbconn, $list[0]);
                $list[1] = trim($list[1]);
                $list[1] = resolve_asset($dbconn, $list[1]);
                $data['target'] = $list[0] . ' ' . $list[1];
            } else {
                $list[0] = trim($list[0]);
                $list[0] = resolve_asset($dbconn, $list[0]);
                $list[count($list) - 1] = trim($list[count($list) - 1]);
                $list[count($list) - 1] = resolve_asset($dbconn, $list[count($list) - 1]);
                $data['target'] = $list[0] . " ... " . $list[count($list) - 1];
            }
            $tdata[] = $data;
        }
        if ($sortdir == "ASC") {
            $sortdir = "DESC";
        } else {
            $sortdir = "ASC";
        }
        $url = $_SERVER['SCRIPT_NAME'] . "?offset={$offset}&sortby=%var%&sortdir={$sortdir}" . $url_filter;
        $fieldMapLinks = array();
        $fieldMapLinks = array(gettext("HTML Results") => array('url' => '%param%', 'param' => 'hlink', 'target' => 'main', 'icon' => 'images/html.png'), gettext("PDF Results") => array('url' => '%param%', 'param' => 'plink', 'target' => '_blank', 'icon' => 'images/pdf.png'), gettext("EXCEL Results") => array('url' => '%param%', 'param' => 'xlink', 'target' => '_blank', 'icon' => 'images/page_white_excel.png'));
        if (Session::am_i_admin()) {
            $fieldMapLinks["DELETE Results"] = array('url' => '%param%', 'param' => 'dlink', 'target' => 'main', 'icon' => 'images/delete.gif');
        }
        $fieldMap = array("Host - IP" => array('var' => 'hostip'), "Date/Time" => array('var' => 'scantime'), "Profile" => array('var' => 'profile'), "Serious" => array('var' => 'vSerious'), "High" => array('var' => 'vHigh'), "Medium" => array('var' => 'vMed'), "Low" => array('var' => 'vLow'), "Info" => array('var' => 'vInfo'), "Links" => $fieldMapLinks);
        // echo "<pre>";
        // var_dump($tdata);
        // echo "</pre>";
        if (count($tdata) > 1) {
            drawTableLatest($fieldMap, $tdata, "Hosts");
        } elseif (Session::menu_perms("environment-menu", "EventsVulnerabilitiesScan")) {
            echo "<br><span class='gray'>" . _("No results found: ") . "</span><a href='" . Menu::get_menu_url(AV_MAIN_PATH . '/vulnmeter/sched.php?action=create_scan&hosts_alive=1&scan_locally=1', 'environment', 'vulnerabilities', 'scan_jobs') . "'>" . _("Click here to run a Vulnerability Scan now") . "</a><br><br>";
        }
    }
    // draw the pager again, if viewing all hosts
    if (!$filteredView && $reportCount > 10) {
        ?>
    <div class="fright tmargin">
        <?php 
        if ($next > $pageSize) {
            ?>
	        <a href="index.php?<?php 
            echo "offset={$previous}{$url_filter}";
            ?>
" class="pager">< <?php 
            echo _("PREVIOUS");
            ?>
 </a>
	    <?php 
        } else {
            ?>
	        <a class='link_paginate_disabled' href="" onclick='return false'>< <?php 
            echo _("PREVIOUS");
            ?>
 </a>
		<?php 
        }
        if ($next <= $last) {
            ?>
            <a class='lmargin' href="index.php?<?php 
            echo "offset={$next}{$url_filter}";
            ?>
">  <?php 
            echo _("NEXT");
            ?>
 ></a>
        <?php 
        } else {
            ?>
            <a class='link_paginate_disabled lmargin' href="" onclick='return false'><?php 
            echo _("NEXT");
            ?>
 ></a>
        <?php 
        }
        ?>
    </div>
<?php 
    } else {
        echo "<p>&nbsp;</p>";
    }
}
Ejemplo n.º 2
0
function list_results($type, $value, $sortby, $sortdir)
{
    global $scanstate, $isReportAdmin, $allres, $offset, $pageSize, $username, $uroles, $dbconn, $hosts;
    global $user, $arruser, $delete_selected;
    $filteredView = FALSE;
    $selRadio = array("", "", "", "");
    $query_onlyuser = "";
    $url_filter = "";
    //if (!$isReportAdmin || (!$allres)) { $query_onlyuser="******"; }
    if (!in_array("admin", $arruser)) {
        $query_onlyuser = "******";
    }
    //echo $query_onlyuser;
    //if ($sortby == "" ) { $sortby = "scantime"; }
    //if ($sortdir == "" ) { $sortdir = "DESC"; }
    $sortby = "t1.results_sent DESC, t1.name DESC";
    //$sortdir = "DESC";
    $sortdir = "";
    $queryw = "";
    $queryl = "";
    //$querys="SELECT distinct t1.report_id, t1.name as jobname, t4.meth_target, t1.scantime,
    //   t1.username, t1.scantype, t1.report_key, t1.report_type as report_type, t3.name as profile, t4.id as jobid, t4.meth_SCHED,
    //   t5.vSerious, t5.vHigh, t5.vMed, t5.vLow, t5.vInfo
    //      FROM vuln_nessus_latest_reports t1
    //   LEFT JOIN vuln_nessus_settings t3 ON t1.sid=t3.id
    //   LEFT JOIN vuln_jobs t4 on t1.report_id = t4.report_id
    //   LEFT JOIN vuln_nessus_report_stats t5 on t1.report_id = t5.report_id
    //      WHERE t1.deleted = '0' ";
    //  $querys="SELECT distinct t1.report_id, t4.name as jobname, t4.scan_submit, t4.meth_target, t1.scantime,
    // t1.username, t1.scantype, t1.report_key, t1.report_type as report_type, t3.name as profile, t4.id as jobid, t4.meth_SCHED,
    // t5.vSerious, t5.vHigh, t5.vMed, t5.vLow, t5.vInfo
    // FROM vuln_nessus_latest_reports t1
    // LEFT JOIN vuln_nessus_settings t3 ON t1.sid=t3.id
    // LEFT JOIN vuln_jobs t4 on t1.report_id = t4.report_id
    // LEFT JOIN vuln_nessus_report_stats t5 on t1.report_id = t5.report_id
    // WHERE t1.deleted = '0' ";
    /*$querys="SELECT distinct t1.report_id, t1.scantime,
      t1.username, t1.scantype, t1.report_key, t1.report_type as report_type,
      t3.name as profile, '0' as vSerious, '0' as High, '0' as vMed, '0' as vLow, '0' as vInfo
      FROM vuln_nessus_latest_reports t1
      LEFT JOIN vuln_nessus_settings t3 ON t1.sid=t3.id
      WHERE t1.deleted = '0' ";*/
    $querys = "SELECT distinct t1.report_id, t4.hostname as host_name, t1.scantime,\n     t1.username, t1.scantype, t1.report_key, t1.report_type as report_type, t1.sid,\n     t3.name as profile\n     FROM vuln_nessus_latest_reports t1\n     LEFT JOIN vuln_nessus_settings t3 ON t1.sid=t3.id\n     LEFT JOIN host t4 ON t4.ip=inet_ntoa(t1.report_id)\n     LEFT JOIN vuln_nessus_latest_results t5 ON t1.report_id=t5.report_id \n     WHERE t1.deleted = '0' ";
    // set up the SQL query based on the search form input (if any)
    if ($type == "scantime" && $value != "") {
        $selRadio[0] = "CHECKED";
        $q = $value;
        $queryw = " AND t1.scantime LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}";
        $queryl = " limit {$offset},{$pageSize}";
        $stext = "<b>" . _("Search for Date/Time") . "</b> = '*{$q}*'";
        $url_filter = "&type={$type}&value={$value}";
    } else {
        if ($type == "service" && $value != "") {
            $selRadio[5] = "CHECKED";
            $q = $value;
            $queryw = " AND t5.service LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}";
            $queryl = " limit {$offset},{$pageSize}";
            $stext = "<b>" . _("Search for Service") . "</b> = '*" . html_entity_decode($q) . "*'";
            $url_filter = "&type={$type}&value={$value}";
        } else {
            if ($type == "freetext" && $value != "") {
                $selRadio[6] = "CHECKED";
                $q = $value;
                $queryw = " AND t5.msg LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}";
                $queryl = " limit {$offset},{$pageSize}";
                $stext = "<b>" . _("Search for Free Text") . "</b> = '*" . html_entity_decode($q) . "*'";
                $url_filter = "&type={$type}&value={$value}";
            } else {
                if ($type == "hostip" && $value != "") {
                    $selRadio[1] = "CHECKED";
                    $q = strtolower($value);
                    $queryw = " AND (t4.hostname LIKE '%{$q}%' OR inet_ntoa(t1.report_id) LIKE '%{$q}%') {$query_onlyuser} order by {$sortby} {$sortdir}";
                    $queryl = " limit {$offset},{$pageSize}";
                    $stext = "<b>" . _("Search for Host-IP") . "</b> = '*{$q}*'";
                    $url_filter = "&type={$type}&value={$value}";
                } else {
                    if ($type == "fk_name" && $value != "") {
                        $selRadio[2] = "CHECKED";
                        $q = strtolower($value);
                        $queryw = " AND t1.fk_name LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}";
                        $queryl = " limit {$offset},{$pageSize}";
                        $stext = _("Search for Subnet/CIDR") . " = '*{$q}*'";
                        $url_filter = "&type={$type}&value={$value}";
                    } else {
                        if ($type == "username" && $value != "") {
                            $selRadio[3] = "CHECKED";
                            $q = strtolower($value);
                            $queryw = " AND t1.username LIKE '%{$q}%' {$query_onlyuser} order by {$sortby} {$sortdir}";
                            $queryl = " limit {$offset},{$pageSize}";
                            $stext = "<b>" . _("Search for user") . "</b> = '*{$q}*'";
                            $url_filter = "&type={$type}&value={$value}";
                        } else {
                            if ($type == "hn" && $value != "") {
                                $selRadio[4] = "CHECKED";
                                if (preg_match("/\\//", $value)) {
                                    /*$tokens = explode("/", $value);
                                              $bytes = explode(".",$tokens[0]);
                                    
                                              if($tokens[1]=="24")
                                                    $q = $bytes[0].".".$bytes[1].".".$bytes[2].".";
                                              else if ($tokens[1]=="16")
                                                    $q = $bytes[0].".".$bytes[1].".";
                                              else if ($tokens[1]=="8")
                                                    $q = $bytes[0].".";
                                              else if ((int)$tokens[1]>24)
                                                    $q = $bytes[0].".".$bytes[1].".".$bytes[2].".".$bytes[3];
                                              //
                                              */
                                    $ip_range = array();
                                    $ip_range = CIDR::expand_CIDR($value, "SHORT");
                                    $queryw = " AND (inet_aton(t1.name) >= '" . $ip_range[0] . "' AND inet_aton(t1.name) <='" . $ip_range[1] . "') {$query_onlyuser} order by {$sortby} {$sortdir}";
                                } elseif (preg_match("/\\,/", $value)) {
                                    $q = implode("','", explode(",", $value));
                                    $queryw = " AND t1.name in ('{$q}') {$query_onlyuser} order by {$sortby} {$sortdir}";
                                    $q = "Others";
                                } else {
                                    $q = $value;
                                    $queryw = " AND t1.name LIKE '{$q}' {$query_onlyuser} order by {$sortby} {$sortdir}";
                                }
                                $queryl = " limit {$offset},{$pageSize}";
                                if (!preg_match("/\\//", $value)) {
                                    $stext = "<b>" . _("Search for Host") . "</b> = '" . html_entity_decode($q) . "'";
                                } else {
                                    $stext = "<b>" . _("Search for Subnet/CIDR") . "</b> = '{$value}'";
                                }
                                $url_filter = "&type={$type}&value={$value}";
                            } else {
                                $selRadio[4] = "CHECKED";
                                $viewAll = FALSE;
                                $queryw = "{$query_onlyuser} order by {$sortby} {$sortdir}";
                                $queryl = " limit {$offset},{$pageSize}";
                                $stext = "";
                            }
                        }
                    }
                }
            }
        }
    }
    // put link to add new host
    //   if ($isReportAdmin) {
    //      $url_allres="&allres=";
    //      if ($allres=="" || !is_numeric($allres) || (!$allres)) {
    //         $allres=0;
    //         echo "<a href='results.php?offset=0".$url_allres."1'>Show all results</a><br>";
    //      } else {
    //         $allres=1;
    //         echo "<a href='results.php?offset=0".$url_allres."0'>Display only my Results</a><br>";
    //      }
    //      $url_allres .="$allres";
    //   }
    // echo the search criteria used
    // set up the pager and search fields if viewing all hosts
    $reportCount = 0;
    if (!$filteredView) {
        //$queryc = "SELECT count(report_id) FROM vuln_nessus_latest_reports t1 WHERE 1=1 ";
        $queryc = "SELECT SQL_CALC_FOUND_ROWS distinct t1.report_id, t4.hostname as host_name, t1.scantime,\n                t1.username, t1.scantype, t1.report_key, t1.report_type as report_type, t1.sid,\n                t3.name as profile\n                FROM vuln_nessus_latest_reports t1\n                LEFT JOIN vuln_nessus_settings t3 ON t1.sid=t3.id\n                LEFT JOIN host t4 ON t4.ip=inet_ntoa(t1.report_id)" . ($type == "service" || $type == "freetext" ? " LEFT JOIN vuln_nessus_latest_results t5 ON t1.report_id=t5.report_id " : " ") . "WHERE t1.deleted = '0' ";
        $dbconn->Execute($queryc . $queryw);
        $reportCount = $dbconn->GetOne("SELECT FOUND_ROWS() as total");
        $previous = $offset - $pageSize;
        if ($previous < 0) {
            $previous = 0;
        }
        $last = intval($reportCount / $pageSize) * $pageSize;
        if ($last < 0) {
            $last = 0;
        }
        $next = $offset + $pageSize;
        /*if ($next < $last) {
            $last = $next;
          }*/
        $pageEnd = $offset + $pageSize;
        $value = html_entity_decode($value);
        echo "<center><table cellspacing=\"0\" cellpadding=\"0\" border=\"0\" width=\"900\"><tr><td class=\"headerpr\" style=\"border:0;\">" . _("Current Vulnerablities") . "</td></tr></table>";
        //echo "<p>There are $reportCount scans defined in the system.";
        // output the search form
        echo "<table cellspacing=\"0\" cellpadding=\"0\" border=\"0\" width=\"900\">";
        echo "<tr><td style=\"padding-top:5px;\" class=\"nobborder\">";
        echo <<<EOT
<center>
<form name="hostSearch" id="hostSearch" action="index.php" method="GET">
<input type="text" length="25" name="value" class="assets" id="assets" value="{$value}">
EOT;
        echo "\n<!--<input type=\"radio\" name=\"type\" value=\"scantime\" {$selRadio['0']}>" . _("Date") . "/" . _("Time") . "-->\n<!--<input type=\"radio\" name=\"type\" value=\"hostip\" {$selRadio['1']}>" . _("Host - IP") . "-->\n<!--<input type=\"radio\" name=\"type\" value=\"fk_name\" {$selRadio['2']}>Subnet Name-->\n<input type=\"radio\" name=\"type\" value=\"service\" {$selRadio['5']}>" . _("Service") . "\n<input type=\"radio\" name=\"type\" value=\"freetext\" {$selRadio['6']}>" . _("Free text") . "\n<input type=\"radio\" name=\"type\" value=\"hn\" {$selRadio['4']}>" . _("Host/Net") . "\n<!--<input type=\"radio\" name=\"type\" value=\"username\" {$selRadio['3']}>Username-->\n";
        /*     echo <<<EOT
        <input type="hidden" name="sortby" value="$sortby">
        <input type="hidden" name="allres" value="$allres">
        <input type="hidden" name="op" value="search">&nbsp;&nbsp;&nbsp;
        EOT;*/
        echo '<input type="hidden" name="withoutmenu" value="' . GET('withoutmenu') . '">';
        echo "<input type=\"submit\" name=\"submit\" value=\"" . _("Find") . "\" class=\"button\" style=\"margin-left:15px;\">";
        if (Session::am_i_admin() && (GET("submit") != "" || GET("type") != "") && GET("value") != "") {
            echo "<input style=\"margin-left:5px;\" type=\"button\" value=\"" . _("Delete selection") . "\" onclick=\"deleteSelected(this.form)\" class=\"button\">";
        }
        echo <<<EOT
</form>
</center>
</p>
EOT;
        // output the pager
        //echo "<p align=center><a href='index.php?offset=0".$url_allres.$url_filter."' class='pager'>&lt&lt "._("First")."</a> | ";
        //if($offset != 0) {
        //   echo "<a href='index.php?offset=$previous".$url_allres.$url_filter."' class='pager'>&lt "._("Previous")." </a> | ";
        //}
        //if($pageEnd >= $reportCount) { $pageEnd = $reportCount; }
        //echo "[ ".($offset+1)." - $pageEnd of $reportCount ] | ";
        //if($next < $last) {
        //   echo "<a href='index.php?offset=$next".$url_allres.$url_filter."' class='pager'>| "._("Next")." &gt;</a> | ";
        //}
        //echo "<a href='index.php?offset=$last".$url_allres.$url_filter."' class='pager'> "._("Last")." &gt;&gt;</a></p>";
    } else {
        // get the search result count
        $queryc = "SELECT count( report_id ) FROM vuln_nessus_latest_reports WHERE t1.deleted = '0' ";
        $scount = $dbconn->GetOne($queryc . $queryw);
        echo "<p>{$scount} report";
        if ($scount != 1) {
            echo "s";
        } else {
        }
        echo " " . _("found matching search criteria") . " | ";
        echo " <a href='index.php' alt='" . _("View All Reports") . "'>" . _("View All Reports") . "</a></p>";
    }
    echo "<p>";
    echo $stext;
    echo "</p>";
    echo "</td></tr></table>";
    // get the hosts to display
    $result = $dbconn->GetArray($querys . $queryw . $queryl);
    $delete_ids = array();
    foreach ($result as $rpt) {
        $delete_ids[] = $dreport_id = $rpt["report_id"];
    }
    $_SESSION["_dreport_ids"] = implode(",", $delete_ids);
    /*   if ($delete_selected!="") { // delete selected current vulns from latest tables defore display
            foreach ($result as $rpt) {
                $dreport_id = $rpt["report_id"];
    
                $query = "DELETE FROM vuln_nessus_latest_reports WHERE report_id=$dreport_id";
                $result=$dbconn->execute($query);
                
                $query = "DELETE FROM vuln_nessus_latest_results WHERE report_id=$dreport_id";
                $result=$dbconn->execute($query);
            }
        ?>
        <script type="text/javascript">
        //    document.location.href='index.php';
        </script>
        <?php
       }
    */
    //echo "[$querys$queryw$queryl]";
    if ($result === false) {
        $errMsg[] = _("Error getting results") . ": " . $dbconn->ErrorMsg();
        $error++;
        dispSQLError($errMsg, $error);
    } else {
        $data['vInfo'] = 0;
        $data['vLow'] = 0;
        $data['vMed'] = 0;
        $data['vHigh'] = 0;
        $data['vSerious'] = 0;
        $queryt = "SELECT count(*) AS total, risk, hostIP FROM (\n                    SELECT DISTINCT port, protocol, app, scriptid, msg, risk, hostIP\n                    FROM vuln_nessus_latest_results where falsepositive='N'" . (in_array("admin", $arruser) ? "" : " and username in ('" . $user . "')") . ") AS t GROUP BY risk, hostIP";
        //echo "$queryt<br>";
        $resultt = $dbconn->Execute($queryt);
        while (list($riskcount, $risk, $hostIP) = $resultt->fields) {
            if ($risk == 7) {
                $data['vInfo'] += $riskcount;
            } else {
                if ($risk == 6) {
                    $data['vLow'] += $riskcount;
                } else {
                    if ($risk == 3) {
                        $data['vMed'] += $riskcount;
                    } else {
                        if ($risk == 2) {
                            $data['vHigh'] += $riskcount;
                        } else {
                            if ($risk == 1) {
                                $data['vSerious'] += $riskcount;
                            }
                        }
                    }
                }
            }
            $resultt->MoveNext();
        }
        if ($data['vInfo'] == 0 && $data['vLow'] == 0 && $data['vMed'] == 0 && $data['vHigh'] == 0 && $data['vSerious'] == 0) {
            $tdata[] = array("report_id" => "All", "host_name" => "", "scantime" => "", "username" => "", "scantype" => "", "report_key" => "", "report_type" => "", "sid" => "", "profile" => "", "hlink" => "", "plink" => "", "xlink" => "", "vSerious" => $data['vSerious'], "vHigh" => $data['vHigh'], "vMed" => $data['vMed'], "vLow" => $data['vLow'], "vInfo" => $data['vInfo']);
        } else {
            $tdata[] = array("report_id" => "All", "host_name" => "", "scantime" => "", "username" => "", "scantype" => "", "report_key" => "", "report_type" => "", "sid" => "", "profile" => "", "hlink" => "reshtml.php?ipl=all&disp=html&output=full&scantype=M", "plink" => "respdf.php?ipl=all&scantype=M", "xlink" => "rescsv.php?ipl=all&scantype=M", "dlink" => "", "vSerious" => $data['vSerious'], "vHigh" => $data['vHigh'], "vMed" => $data['vMed'], "vLow" => $data['vLow'], "vInfo" => $data['vInfo']);
        }
        foreach ($result as $data) {
            $data['vSerious'] = 0;
            $data['vHigh'] = 0;
            $data['vMed'] = 0;
            $data['vLow'] = 0;
            $data['vInfo'] = 0;
            // query for reports for each IP
            $query_risk = "SELECT distinct risk, port, protocol, app, scriptid, msg, hostIP FROM vuln_nessus_latest_results WHERE report_id = " . $data['report_id'];
            $query_risk .= " AND username = '******'username'] . "' AND sid =" . $data['sid'] . " AND falsepositive='N'";
            //echo "[$query_risk]<br>";
            $result_risk = $dbconn->Execute($query_risk);
            while (!$result_risk->EOF) {
                if ($result_risk->fields["risk"] == 7) {
                    $data['vInfo']++;
                } else {
                    if ($result_risk->fields["risk"] == 6) {
                        $data['vLow']++;
                    } else {
                        if ($result_risk->fields["risk"] == 3) {
                            $data['vMed']++;
                        } else {
                            if ($result_risk->fields["risk"] == 2) {
                                $data['vHigh']++;
                            } else {
                                if ($result_risk->fields["risk"] == 1) {
                                    $data['vSerious']++;
                                }
                            }
                        }
                    }
                }
                $result_risk->MoveNext();
            }
            $more = "&hmenu=Vulnerabilities&smenu=Vulnerabilities";
            $data['clink'] = "respdfc.php?scantime=" . $data['scantime'] . "&scantype=" . $data['scantype'] . "&key=" . $data['report_key'] . $more;
            $data['plink'] = "respdf.php?treport=latest&scantime=" . $data['scantime'] . "&scantype=" . $data['scantype'] . "&key=" . $data['report_key'] . $more;
            $data['hlink'] = "reshtml.php?treport=latest&key=" . $data['report_key'] . "&disp=html&output=full&scantime=" . $data['scantime'] . "&scantype=" . $data['scantype'] . $more;
            $data['rerun'] = "sched.php?disp=rerun&job_id=" . $data['jobid'] . $more;
            $data['xlink'] = "rescsv.php?treport=latest&scantime=" . $data['scantime'] . "&scantype=" . $data['scantype'] . "&key=" . $data['report_key'] . $more;
            $data['xbase'] = "restextsummary.php?scantime=" . $data['scantime'] . "&scantype=" . $data['scantype'] . $more . "&key=" . $data['report_key'];
            if (Session::am_i_admin()) {
                $data['dlink'] = "index.php?delete=" . $data['report_key'] . "&scantime=" . $data['scantime'];
            }
            /*
                                                $data['vSerious'] = "<a href=\"respdf.php?scantime=".$data['scantime']."&scantype=".$data['scantype']
                                                ."&key=".$data['report_key']."&critical=1\">".$data['vSerious']."</a>";
                                                $data['vHigh'] = "<a href=\"respdf.php?scantime=".$data['scantime']."&scantype=".$data['scantype']
                                                ."&key=".$data['report_key']."&critical=2\">".$data['vHigh']."</a>";
                                                $data['vMed'] = "<a href=\"respdf.php?scantime=".$data['scantime']."&scantype=".$data['scantype']
                                                ."&key=".$data['report_key']."&critical=3\">".$data['vMed']."</a>";
                                                $data['vLow'] = "<a href=\"respdf.php?scantime=".$data['scantime']."&scantype=".$data['scantype']
                                                ."&key=".$data['report_key']."&critical=6\">".$data['vLow']."</a>";	
                                                $data['vInfo'] = "<a href=\"respdf.php?scantime=".$data['scantime']."&scantype=".$data['scantype']
                                                ."&key=".$data['report_key']."&critical=7\">".$data['vInfo']."</a>";*/
            //$data['vSerious'] = $data['vSerious'];
            //$data['vHigh'] = $data['vHigh'];
            //$data['vMed'] = $data['vMed'];
            //$data['vLow'] = $data['vLow'];
            //$data['vInfo'] = $data['vInfo'];
            //$data['scan_submit'] = $data['scan_submit'];
            $list = explode("\n", trim($data['meth_target']));
            if (count($list) == 1) {
                $list[0] = trim($list[0]);
                if ($list[0] != "") {
                    if ($hosts[$list[0]] != "" && $hosts[$list[0]] != $list[0]) {
                        $data['target'] = $hosts[$list[0]] . " (" . $list[0] . ")";
                    } else {
                        $data['target'] = $list[0];
                    }
                } else {
                    $data['target'] = "-";
                }
            } elseif (count($list) == 2) {
                $list[0] = trim($list[0]);
                if ($hosts[$list[0]] != "" && $hosts[$list[0]] != $list[0]) {
                    $list[0] = $hosts[$list[0]] . " (" . $list[0] . ")";
                }
                $list[1] = trim($list[1]);
                if ($hosts[$list[1]] != "" && $hosts[$list[1]] != $list[1]) {
                    $list[1] = $hosts[$list[1]] . " (" . $list[1] . ")";
                }
                $data['target'] = $list[0] . ' ' . $list[1];
            } else {
                $list[0] = trim($list[0]);
                if ($hosts[$list[0]] != "" && $hosts[$list[0]] != $list[0]) {
                    $list[0] = $hosts[$list[0]] . " (" . $list[0] . ")";
                }
                $list[count($list) - 1] = trim($list[count($list) - 1]);
                if ($hosts[$list[count($list) - 1]] != "" && $hosts[$list[count($list) - 1]] != $list[count($list) - 1]) {
                    $list[count($list) - 1] = $hosts[$list[count($list) - 1]] . " (" . $list[count($list) - 1] . ")";
                }
                $data['target'] = $list[0] . " ... " . $list[count($list) - 1];
            }
            $tdata[] = $data;
        }
        if ($sortdir == "ASC") {
            $sortdir = "DESC";
        } else {
            $sortdir = "ASC";
        }
        $url = $_SERVER['SCRIPT_NAME'] . "?offset={$offset}&sortby=%var%&sortdir={$sortdir}" . $url_allres . $url_filter;
        $fieldMapLinks = array();
        $fieldMapLinks = array(gettext("HTML Results") => array('url' => '%param%', 'param' => 'hlink', 'target' => 'main', 'icon' => 'images/html.png'), gettext("PDF Results") => array('url' => '%param%', 'param' => 'plink', 'target' => '_blank', 'icon' => 'images/pdf.png'), gettext("EXCEL Results") => array('url' => '%param%', 'param' => 'xlink', 'target' => '_blank', 'icon' => 'images/page_white_excel.png'));
        if (Session::am_i_admin()) {
            $fieldMapLinks["DELETE Results"] = array('url' => '%param%', 'param' => 'dlink', 'target' => 'main', 'icon' => 'images/delete.gif');
        }
        $fieldMap = array("Host - IP" => array('var' => 'hostip'), "Date/Time" => array('var' => 'scantime'), "Profile" => array('var' => 'profile'), "Serious" => array('var' => 'vSerious'), "High" => array('var' => 'vHigh'), "Medium" => array('var' => 'vMed'), "Low" => array('var' => 'vLow'), "Info" => array('var' => 'vInfo'), "Links" => $fieldMapLinks);
        if (count($tdata) > 1) {
            drawTableLatest($fieldMap, $tdata, "Hosts");
        } else {
            echo "<br><b>" . _("No results found: ") . "<a href='sched.php?smethod=schedule&hosts_alive=1&scan_locally=1'>" . _("Click here to run a Vulnerability Scan now") . "</a><br><br></b>";
        }
    }
    // draw the pager again, if viewing all hosts
    if (!$filteredView && $reportCount > 10) {
        echo "<p align=center>\n<a href=\"index.php?offset=0" . $url_allres . $url_filter . "\" class=\"pager\">&lt&lt " . _("First") . "</a>\n<a href=\"index.php?offset={$previous}" . $url_allres . $url_filter . "\" class=\"pager\">&lt " . _("Previous") . " </a>";
        echo "&nbsp;&nbsp;&nbsp;[ " . ($offset + 1) . " - {$pageEnd} " . _("of") . " {$reportCount} ]&nbsp;&nbsp;&nbsp;";
        if ($reportCount > $pageEnd) {
            echo "<a href=\"index.php?offset={$next}" . $url_allres . $url_filter . "\" class=\"pager\"> " . _("Next") . " &gt;</a>\n    <a href=\"index.php?offset={$last}" . $url_allres . $url_filter . "\" class=\"pager\"> " . _("Last") . " &gt;&gt;</a>";
        }
        echo "</p>";
    }
}