Example #1
0
function edit_serverprefs($dbconn, $sid)
{
    navbar($sid);
    $dbconn->SetFetchMode(ADODB_FETCH_BOTH);
    // get the profile prefs for use later
    $uuid = Util::get_encryption_key();
    $sql = "SELECT t.nessusgroup, t.nessus_id, t.field, t.type, t.value AS def_value, AES_DECRYPT(t.value,'{$uuid}') AS def_value_decrypt, n.value, AES_DECRYPT(n.value,'{$uuid}') AS value_decrypt, t.category\n            FROM vuln_nessus_preferences_defaults t\n            LEFT JOIN vuln_nessus_settings_preferences n\n            ON t.nessus_id = n.nessus_id and n.sid = {$sid}\n            ORDER BY category desc, nessusgroup, nessus_id";
    $result = $dbconn->execute($sql);
    if ($result === false) {
        // SQL error
        echo _("Error") . ": " . _("There was an error with the DB lookup") . ": " . $dbconn->ErrorMsg() . "<br>";
    }
    $counter = 0;
    // display the settings form
    $lastvalue = "";
    echo "<center><form method=\"post\" id=\"pform\" action=\"settings.php\">";
    echo "<input type=\"hidden\" name=\"type\" value=\"save_prefs\">";
    echo "<input type=\"hidden\" name=\"sid\" value=\"{$sid}\">";
    print "<table cellspacing='2' cellpadding='4'>";
    while (!$result->EOF) {
        $counter++;
        $nessusgroup = $result->fields['nessusgroup'];
        $nessus_id = $result->fields['nessus_id'];
        $field = $result->fields['field'];
        $type = $result->fields['type'];
        $default = $result->fields['type'] != 'P' || $result->fields['type'] == 'P' && empty($result->fields['def_value_decrypt']) ? $result->fields['def_value'] : $result->fields['def_value_decrypt'];
        $value = $result->fields['type'] != 'P' || $result->fields['type'] == 'P' && empty($result->fields['value_decrypt']) ? $result->fields['value'] : $result->fields['value_decrypt'];
        $category = $result->fields['category'];
        if ($nessusgroup != $lastvalue) {
            print "<tr><th colspan='2'><strong>{$nessusgroup}</strong></th></tr>";
            $lastvalue = $nessusgroup;
        }
        $vname = "form" . $counter;
        print formprint($nessus_id, $field, $vname, $type, $default, $value, $dbconn);
        $result->MoveNext();
    }
    echo "</table>";
    echo "<br/><input type='button' value='" . _("Save preferences") . "' id='update_preferences'></form></center><br/>";
}
Example #2
0
function edit_serverprefs($sid)
{
    global $dbconn;
    navbar($sid);
    // get the profile prefs for use later
    /* $sql = "SELECT t.nessusgroup, t.nessus_id, t.field, 
       t.type, d.value, n.value, t.category
       FROM vuln_nessus_preferences_defaults t
          LEFT JOIN vuln_nessus_preferences d
             ON t.nessus_id = d.nessus_id
          LEFT JOIN vuln_nessus_settings_preferences n
             ON t.nessus_id = n.nessus_id
                and n.sid = $sid
       order by category desc, nessusgroup, nessus_id";*/
    $uuid = Util::get_system_uuid();
    $sql = "SELECT t.nessusgroup, t.nessus_id, t.field, t.type, t.value AS def_value, AES_DECRYPT(t.value,'{$uuid}') AS def_value_decrypt, n.value, AES_DECRYPT(n.value,'{$uuid}') AS value_decrypt, t.category\n\t\t\tFROM vuln_nessus_preferences_defaults t\n\t\t\tLEFT JOIN vuln_nessus_settings_preferences n\n\t\t\tON t.nessus_id = n.nessus_id and n.sid = {$sid}\n\t\t\tORDER BY category desc, nessusgroup, nessus_id";
    $result = $dbconn->execute($sql);
    if ($result === false) {
        // SQL error
        echo _("Error") . ": " . _("There was an error with the DB lookup") . ": " . $dbconn->ErrorMsg() . "<br>";
    }
    $counter = 0;
    // display the settings form
    $lastvalue = "";
    echo "<center><form method=\"post\" action=\"settings.php\">";
    echo "<input type=\"hidden\" name=\"disp\" value=\"saveprefs\">";
    echo "<input type=\"hidden\" name=\"sid\" value=\"{$sid}\">";
    ?>
<div id="div_saveprefs" style="display:none;padding-bottom:8px;">
	<img width="16" align="absmiddle" src="./images/loading.gif" border="0" alt="<?php 
    echo _("Applying changes...");
    ?>
" title="<?php 
    echo _("Applying changes...");
    ?>
">
	&nbsp;<?php 
    echo _("Applying changes, please wait few seconds...");
    ?>
</div>
<?php 
    print "<table>";
    while (!$result->EOF) {
        $counter++;
        $nessusgroup = $result->fields['nessusgroup'];
        $nessus_id = $result->fields['nessus_id'];
        $field = $result->fields['field'];
        $type = $result->fields['type'];
        $default = $result->fields['type'] != 'P' || $result->fields['type'] == 'P' && empty($result->fields['def_value_decrypt']) ? $result->fields['def_value'] : $result->fields['def_value_decrypt'];
        $value = $result->fields['type'] != 'P' || $result->fields['type'] == 'P' && empty($result->fields['value_decrypt']) ? $result->fields['value'] : $result->fields['value_decrypt'];
        $category = $result->fields['category'];
        if ($nessusgroup != $lastvalue) {
            print "<tr><th colspan='2'><strong>{$nessusgroup}</strong></th></tr>";
            $lastvalue = $nessusgroup;
        }
        $vname = "form" . $counter;
        print formprint($nessus_id, $field, $vname, $type, $default, $value, $dbconn);
        $result->MoveNext();
    }
    echo "</table>";
    echo "<br/><input type=\"submit\" name=\"submit\" value=\"" . _("save") . "\" class=\"button saveprefs\"></form></center><br/>";
}
Example #3
0
        echo "<BR><BR><BR><CENTER><B>" . _("Nessus settings saved, please proceed to the") . " <A href=\"settings.php\">" . _("Profile Selection") . "</A> " . _("page") . ".</B></CENTER><BR>";
    } else {
        //logAccess( "Display default preferences table" );
        $lastvalue = "";
        print "<center>";
        print "<form method=\"post\" action=\"defaults.php\"><input type=\"hidden\" name=\"prefs\" value=\"1\"><input type=\"submit\" name=\"submit\" value=\"" . _("save") . "\" class=\"button\"><BR><BR>";
        print "<table border=\"0\">";
        while (!$result->EOF) {
            $counter++;
            list($nessusgroup, $nessus_id, $field, $type, $default, $value, $category) = $result->fields;
            if ($nessusgroup != $lastvalue) {
                print "<tr><th><b>{$nessusgroup}</b></th><th></th></tr>";
                $lastvalue = $nessusgroup;
            }
            $vname = "form" . $counter;
            print formprint($field, $vname, $type, $default, $value);
            $result->MoveNext();
        }
        echo "</table><BR><BR><INPUT type=\"submit\" name=\"submit\" value=\"" . _("save") . "\" class=\"button\"><BR><BR>\n            </form>\n            </center></td></tr></table></center>";
    }
} elseif ($prefs == "4") {
    //logAccess( "View detault nessus configuration" );
    echo "<center>";
    echo "<table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"800\">";
    echo "<tr><td class=\"nobborder\" style=\"padding-top:5px;padding-bottom:10px;\">";
    echo "<form>";
    echo "<center>";
    echo "<input type=\"button\" onclick=\"document.location.href='defaults.php?prefs=1'\" value=\"" . _("Preferences") . "\" class=\"" . ($prefs == 1 ? "buttonon" : "button") . "\">&nbsp;&nbsp;&nbsp;";
    echo "<input type=\"button\" onclick=\"document.location.href='defaults.php?prefs=3'\" value=\"" . _("Plugins") . "\" class=\"" . ($prefs == 3 ? "buttonon" : "button") . "\">&nbsp;&nbsp;&nbsp;";
    echo "<input type=\"button\" onclick=\"document.location.href='defaults.php?prefs=4'\" value=\"" . _("View Configuration File") . "\" class=\"" . ($prefs == 4 ? "buttonon" : "button") . "\"><br><br>";
    echo "</center>";