$query = "SELECT Vuln.IP_URL,Plugin.Name,Vuln.Vuln_Info,Vuln.Level FROM Plugin,Scan,Vuln WHERE Vuln.Scan_ID=Scan.ID AND Vuln.Plugin_ID=Plugin.ID AND Scan.ID={$scanID} AND Scan.User_ID='{$userid}' ORDER BY Vuln.IP_URL,Vuln.Level";
// echo $query.'<br>';
$ret = array();
$result = mysql_query($query);
while ($row = mysql_fetch_row($result)) {
// var_dump($row);
foreach ($row as $key => $value) {
// echo $key.' => '.$value;
$row[$key] = check_xss($value);
}
$ipurl = $row[0];
$ret[$ipurl][] = array_slice($row, 1);
}
// var_dump($ret);
return $ret;
}
// check login first
if (!already_login()) {
die;
}
$keyword = check_sql(trim($_REQUEST['keyword']));
// echo $keyword . '<br>';
$level = (int) $_REQUEST['level'];
$scanID = (int) $_REQUEST['scanid'];
if ($scanID and $scanID != '') {
$data = search_vuln($scanID);
echo json_encode($data);
} else {
$data = search_scan($level, $keyword);
echo json_encode($data);
}
}
if ($pKeyword != '') {
$query .= " AND Scan.Url LIKE '%{$pKeyword}%'";
}
if (is_int($pId) and $pId > 0) {
$query .= " AND Scan.ID={$pId}";
}
// echo $query.'<br>';
$ret = array('data' => array());
$result = mysql_query($query);
while ($row = mysql_fetch_row($result)) {
// var_dump($row);
foreach ($row as $key => $value) {
// echo $key.' => '.$value;
$row[$key] = check_xss($value);
}
$ret['data'][] = $row;
// var_dump($row);
}
return $ret;
}
// check login first
if (!already_login()) {
die;
}
$keyword = check_sql(trim($_REQUEST['keyword']));
// echo $keyword . '<br>';
$level = (int) $_REQUEST['level'];
$scanID = (int) $_REQUEST['scanid'];
$data = search_scan($level, $keyword, $scanID);
echo json_encode($data);
