$query = "SELECT Vuln.IP_URL,Plugin.Name,Vuln.Vuln_Info,Vuln.Level FROM Plugin,Scan,Vuln WHERE Vuln.Scan_ID=Scan.ID AND Vuln.Plugin_ID=Plugin.ID AND Scan.ID={$scanID} AND Scan.User_ID='{$userid}' ORDER BY Vuln.IP_URL,Vuln.Level"; // echo $query.'<br>'; $ret = array(); $result = mysql_query($query); while ($row = mysql_fetch_row($result)) { // var_dump($row); foreach ($row as $key => $value) { // echo $key.' => '.$value; $row[$key] = check_xss($value); } $ipurl = $row[0]; $ret[$ipurl][] = array_slice($row, 1); } // var_dump($ret); return $ret; } // check login first if (!already_login()) { die; } $keyword = check_sql(trim($_REQUEST['keyword'])); // echo $keyword . '<br>'; $level = (int) $_REQUEST['level']; $scanID = (int) $_REQUEST['scanid']; if ($scanID and $scanID != '') { $data = search_vuln($scanID); echo json_encode($data); } else { $data = search_scan($level, $keyword); echo json_encode($data); }
} if ($pKeyword != '') { $query .= " AND Scan.Url LIKE '%{$pKeyword}%'"; } if (is_int($pId) and $pId > 0) { $query .= " AND Scan.ID={$pId}"; } // echo $query.'<br>'; $ret = array('data' => array()); $result = mysql_query($query); while ($row = mysql_fetch_row($result)) { // var_dump($row); foreach ($row as $key => $value) { // echo $key.' => '.$value; $row[$key] = check_xss($value); } $ret['data'][] = $row; // var_dump($row); } return $ret; } // check login first if (!already_login()) { die; } $keyword = check_sql(trim($_REQUEST['keyword'])); // echo $keyword . '<br>'; $level = (int) $_REQUEST['level']; $scanID = (int) $_REQUEST['scanid']; $data = search_scan($level, $keyword, $scanID); echo json_encode($data);