function script_id($id, $lookup, $details)
{
global $showlive, $last30, $org, $site, $uroles, $username, $dbconn;
$dbconn->SetFetchMode(ADODB_FETCH_BOTH);
if (!$uroles['reports'] && !$uroles['admin']) {
if ($org == "" && $site == "") {
$org_code = "";
}
} else {
$org_code = "";
}
$sql_filter = "";
if ($org_code) {
$sql_filter = " AND ORG='{$org_code}'";
} elseif ($org) {
$sql_filter = " AND ORG='{$org}'";
}
if ($site) {
$sql_filter .= " AND site_code='{$site}'";
}
if ($lookup == "bysubnets") {
$query = "SELECT t1.site_code, t1.ORG, t3.hostip, t3.hostname, t1.dtLastScanned, t3.service, t3.risk, t3.msg\n\t\t\tFROM vuln_subnets t1\n\t\t\tLEFT JOIN vuln_jobs t2 ON t1.CIDR = t2.fk_name\n\t\t\t\tAND ( t2.scan_SUBMIT >= t1.dtLastScanned OR t1.report_id = t2.report_id )\n\t\t\tLEFT JOIN vuln_nessus_results t3 ON t2.report_id = t3.report_id\n\t\t\tWHERE {$sql_filter} t1.status != 'available' and t1.serial_flag='N' AND\n\t\t\tt3.scriptid='{$id}' GROUP BY t3.hostip ORDER BY INET_NTOA(t3.hostip) ASC";
} elseif ($lookup == "byage") {
subtractTime($hours = 0, $minutes = 0, $seconds = 0, $months = 0, $days = 0, $years = 0);
$query = "SELECT t1.site_code, t1.ORG, t1.hostip, t1.hostname, t1.lastscandate, t2.service, t2.risk, t2.msg\n\t\t\tFROM vuln_hosts t1\n\t\t\tLEFT JOIN vuln_Incidents t2 ON t1.id = t2.host_id\n\t\t\tWHERE {$sql_filter} t2.status != 'resolved' AND t2.scriptid='{$id}'\n\t\t\tGROUP BY t2.host_id ORDER BY t1.site_code";
} else {
$query = "SELECT t2.site_code, t2.ORG, t2.hostip, t2.hostname, t2.lastscandate, t1.service, t1.risk, t1.msg\n\t\t FROM vuln_Incidents t1\n\t\t LEFT JOIN vuln_hosts t2 on t1.host_id=t2.id\n\t\t WHERE t1.scriptid='{$id}' and t1.status = 'open' {$sql_filter} ORDER BY t2.ORG,t2.site_code,t2.lastscandate";
}
$result = $dbconn->execute($query);
#ECHO "sql=$query<br>";
echo "<table summary=\"Plugin Matches [ <font color=red>{$pid}</a> ]\" border=\"1\" width=\"100%\">";
if ($details == "1") {
echo "<tr><td colspan=7><h4>Vulnerabilities found:</h4></tr>\n\t\t<tr>\n\t\t\t<td><font face=\"Verdana\" color=\"#666666\" size=\"4\"><b>Host </b></font></td>\n \t\t<td><font face=\"Verdana\" color=\"#666666\" size=\"4\"><b>Severity </b></font></td>\n \t\t<td colspan=5><font face=\"Verdana\" color=\"#666666\" size=\"4\"><b>Description </b></font></td>\n \t</tr>";
} else {
echo "<tr><td colspan=7><h4>Vulnerabilities found:</h4></tr>";
}
$htmldetails = "";
$i = 0;
while (!$result->EOF) {
list($sCODE, $sORG, $hostIP, $hostname, $lastscanned, $service, $risk, $msg) = $result->fields;
$i = $i += 1;
$msg = preg_replace("/^[ \t]*/", "", $msg);
$msg = wordwrap(preg_replace("/\n/", "<br>", $msg), 100, "<br>", 1);
if ($details == "1") {
$htmldetails .= "<tr>\n\t\t\t<td>{$hostIP}<br>{$hostname}</td>\n \t\t<td>{$service}<br>" . getrisk($risk) . "</td>\n \t\t<td colspan=5>{$msg}</td>\n \t</tr>";
} else {
if ($htmldetails == "") {
$legendcode = "</table><br>" . printLegend() . "<br><table border=\"1\" width=\"100%\">";
$htmldetails .= "<tr><td>RISK</td><td colspan=6>" . getrisk($risk) . "</td></tr>\n \t\t<tr><td>SERVICE</td><td colspan=6>{$service}</td></tr>\n \t\t<tr><td>MSG</td><td colspan=6>{$msg}</td></tr>\n\t\t\t\t<tr><td colspan=7> </td></tr>\n\t\t\t\t{$legendcode}\n\t\t\t\t<tr><td colspan=7><h4>VULNERABLE HOSTS</h4></td></tr>\n\t\t\t\t<tr><td colspan=7> </td></tr>\n\t\t\t\t<tr><td>COUNT</td>\n\t\t\t\t\t<td>STATUS</td>\n\t\t\t\t\t<td>HOSTIP</td>\n\t\t\t\t\t<td>HOSTNAME</td>\n\t\t\t\t\t<td>SITE</td>\n\t\t\t\t\t<td>ORG</td>\n\t\t\t\t\t<td>LastScanned</td>\n\t\t\t\t</tr>";
}
if ($showlive) {
$arrHOST = check_host($hostname, $hostIP);
if ($arrHOST['hostname']) {
$hostname = $arrHOST['hostname'];
}
if ($arrHOST['hostip']) {
$hostIP = $arrHOST['hostip'];
}
$rating = $arrHOST['rating'];
$rating_color = $arrHOST['rating_color'];
}
if ($sCODE == $sORG) {
$sORG = " ";
}
# no reason to show it twice
if (!$showlive || $rating >= 3) {
$htmldetails .= "<tr>\n \t\t<td>[{$i}]</td>\n \t\t<td bgcolor=\"{$rating_color}\">{$rating}</td>\n \t\t<td>{$hostIP}</td>\n \t\t<td>{$hostname}</td>\n \t\t<td>{$sCODE}</td>\n \t\t<td>{$sORG}</td>\n \t\t<td>{$lastscanned}</td>\n \t\t</tr>";
}
}
$result->MoveNext();
}
echo $htmldetails;
echo "</table>";
}
<?php
include "../config.php";
include "../functions.php";
$operazione = $_POST['operazione'];
printHTMLHead($stylefile, $jsfile);
print "<table width=100%><tr><td valign=top><a href='../home.php'><img src='{$img_home}' width=35px height=35px></a></td>";
print "<td>";
printLegend($img_cube, $img_mea, $img_dim, $img_hier, $img_lev, $img_prop);
print "</td></tr></table>";
print "<center>";
print "<form id='form_report' name='form_report' action='../olap/report.php' method='post'>";
print "<table cellspacing=5 cellpadding=5 width=100% border=0>";
print "<tr>";
print "<td width=30% valign='top'>";
print "<script>init_images('{$img_minus}','{$img_plus}')</script>";
include_once "cubes.php";
print "<p>";
print "<div id='divTree'>";
print "</div>";
print "</td>";
print "<td valign=top align=center>";
//*************************************************REPORT **************************************************
print "<table border=1 id='report'>";
print "<tr id='rep_header'>";
print "</tr>";
print "</table>";
//print "<p><a style='width:120px' class='button' href='#' onclick='invia(\"form_report\")'>Create Report</a>";
print "<p><a style='width:120px' class='button' href='#' onClick='check_cube2()'>Create Report</a>";
print "<br>";
//**********************************************Selected Data
