function onMeta()
{
# Run this function during meta-load (debugmode >>ONLY<<)
###### -> Construct should add this module to the onMeta array
if (!is_dir(CONS_FMANAGER . "_undodata/")) {
safe_mkdir(CONS_FMANAGER . "_undodata/");
}
}
function onMeta()
{
# Run this function during meta-load (debugmode >>ONLY<<)
###### -> Construct should add this module to the onMeta array
if (!is_dir(CONS_FMANAGER . CONS_FMANAGER_SAFE)) {
safe_mkdir(CONS_FMANAGER . CONS_FMANAGER_SAFE);
}
if (!isset($this->parent->dimconfig['default_fm_time'])) {
$this->parent->dimconfig['default_fm_time'] = 30;
}
// default expiration date, set 0 to none
}
function recursive_copy($source, $destination)
{
$counter = 0;
if (substr($source, strlen($source), 1) != "/") {
$source .= "/";
}
if (substr($destination, strlen($destination), 1) != "/") {
$destination .= "/";
}
if (!is_dir($destination)) {
makeDirs($destination);
}
$itens = listFiles($source);
foreach ($itens as $id => $name) {
if ($name[0] == "/") {
$name = substr($name, 1);
}
if (is_file($source . $name)) {
// file
if ($name != "Thumbs.db") {
$counter++;
if (!copy($source . $name, $destination . $name)) {
echo "Error: " . $source . $name . " -> " . $destination . $name . "<br/>";
} else {
safe_chmod($destination . $name, 0775);
}
} else {
@unlink($source . $name);
}
} else {
if (is_dir($source . $name)) {
// dir
if (!is_dir($destination . $name)) {
safe_mkdir($destination . $name);
}
$counter += recursive_copy($source . $name, $destination . $name);
}
}
}
return $counter;
}
function makeDirs($path, $base = "")
{
if ($base != "" && substr($base, strlen($base) - 1) != "/") {
$base .= '/';
}
$paths = explode("/", $path);
if ($base != "" && !is_dir($base)) {
if (!safe_mkdir($base)) {
return false;
}
}
while (count($paths) > 0) {
$starter = array_shift($paths);
if ($starter != "") {
$base .= $starter . "/";
if (!is_dir($base)) {
if (!safe_mkdir($base)) {
return false;
}
}
}
}
return true;
}
$stateorprovince = $stateorprovinceA[1];
$cityname = $citynameA[1];
$orginizationname = $orginizationnameA[1];
$orginizationdepartment = $orginizationdepartmentA[1];
$commonname = $commonnameA[1];
if ($_POST) {
/* Grab posted variables and create a new openssl.cnf */
$countrycode = $_POST['countrycode'];
$stateorprovince = $_POST['stateorprovince'];
$cityname = $_POST['cityname'];
$orginizationname = $_POST['orginizationname'];
$orginizationdepartment = $_POST['orginizationdepartment'];
$commonname = $_POST['commonname'];
/* Write out /var/etc/ssl/openssl.cnf */
conf_mount_rw();
safe_mkdir("/usr/local/ssl/");
$fd = fopen("/usr/local/ssl/openssl.cnf", "w");
fwrite($fd, "");
fwrite($fd, "[ req ]\n");
fwrite($fd, "distinguished_name=req_distinguished_name \n");
fwrite($fd, "req_extensions = v3_req \n");
fwrite($fd, "prompt=no\n");
fwrite($fd, "default_bits = 1024\n");
fwrite($fd, "default_keyfile = privkey.pem\n");
fwrite($fd, "distinguished_name = req_distinguished_name\n");
fwrite($fd, "attributes = req_attributes\n");
fwrite($fd, "x509_extensions = v3_ca # The extentions to add to the self signed cert\n");
fwrite($fd, "[ req_distinguished_name ] \n");
fwrite($fd, "C=" . $countrycode . " \n");
fwrite($fd, "ST=" . $stateorprovince . " \n");
fwrite($fd, "L=" . $cityname . " \n");
update_status(gettext("Copying md5 sig to snort directory..."));
@copy("{$tmpfname}/{$emergingthreats_filename_md5}", "{$snortdir}/{$emergingthreats_filename_md5}");
}
}
}
/* Untar snort rules file individually to help people with low system specs */
if ($snortdownload == 'on') {
if (file_exists("{$tmpfname}/{$snort_filename}")) {
if ($pfsense_stable == 'yes') {
$freebsd_version_so = 'FreeBSD-7-2';
} else {
$freebsd_version_so = 'FreeBSD-8-1';
}
update_status(gettext("Extracting Snort.org rules..."));
/* extract snort.org rules and add prefix to all snort.org files*/
safe_mkdir("{$snortdir}/tmp/snortrules");
exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir}/tmp/snortrules rules/");
$files = glob("{$snortdir}/tmp/snortrules/rules/*.rules");
foreach ($files as $file) {
$newfile = basename($file);
@copy($file, "{$snortdir}/rules/snort_{$newfile}");
}
/* IP lists */
$files = glob("{$snortdir}/tmp/snortrules/rules/*.txt");
foreach ($files as $file) {
$newfile = basename($file);
@copy($file, "{$snortdir}/rules/{$newfile}");
}
exec("rm -r {$snortdir}/tmp/snortrules");
/* extract so rules */
exec('/bin/mkdir -p /usr/local/lib/snort/dynamicrules/');
$external_net = "[" . trim($external_net) . "]";
} else {
foreach ($home_net_list as $ip) {
$external_net .= "!{$ip},";
}
$external_net = trim($external_net, ', ');
}
/* User added custom configuration arguments */
$snort_config_pass_thru = str_replace("\r", "", base64_decode($snortcfg['configpassthru']));
// Remove the trailing newline
$snort_config_pass_thru = rtrim($snort_config_pass_thru);
/* create a few directories and ensure the sample files are in place */
$snort_dirs = array($snortdir, $snortcfgdir, "{$snortcfgdir}/rules", "{$snortlogdir}/snort_{$if_real}{$snort_uuid}", "{$snortlogdir}/snort_{$if_real}{$snort_uuid}/barnyard2", "{$snortcfgdir}/preproc_rules", "dynamicrules" => "{$snortlibdir}/snort_dynamicrules", "dynamicengine" => "{$snortlibdir}/snort_dynamicengine", "dynamicpreprocessor" => "{$snortcfgdir}/snort_dynamicpreprocessor");
foreach ($snort_dirs as $dir) {
if (!is_dir($dir)) {
safe_mkdir($dir);
}
}
/********************************************************************/
/* For fail-safe on an initial startup following installation, and */
/* before a rules update has occurred, copy the default config */
/* files to the interface directory. If files already exist in */
/* the interface directory, or they are newer, that means a rule */
/* update has been done and we should leave the customized files */
/* put in place by the rules update process. */
/********************************************************************/
$snort_files = array("gen-msg.map", "classification.config", "reference.config", "attribute_table.dtd", "sid-msg.map", "unicode.map", "file_magic.conf", "threshold.conf", "preproc_rules/preprocessor.rules", "preproc_rules/decoder.rules", "preproc_rules/sensitive-data.rules");
foreach ($snort_files as $file) {
if (file_exists("{$snortdir}/{$file}")) {
$ftime = filemtime("{$snortdir}/{$file}");
if (!file_exists("{$snortcfgdir}/{$file}") || $ftime > filemtime("{$snortcfgdir}/{$file}")) {
}
/**********************************************************************
* Start of main code *
**********************************************************************/
global $g, $config;
$suricata_geoip_dbdir = SURICATA_PBI_BASEDIR . 'share/GeoIP/';
$geoip_tmppath = "{$g['tmp_path']}/geoipup/";
// If auto-updates of GeoIP are disabled, then exit
if ($config['installedpackages']['suricata']['config'][0]['autogeoipupdate'] == "off") {
exit(0);
} else {
log_error(gettext("[Suricata] Updating the GeoIP country database files..."));
}
// Download the free GeoIP Legacy country name databases for IPv4 and IPv6
// to a temporary location.
safe_mkdir("{$geoip_tmppath}");
if (download_file("http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz", "{$geoip_tmppath}GeoIP.dat.gz") != true) {
log_error(gettext("[Suricata] An error occurred downloading the 'GeoIP.dat.gz' update file for GeoIP."));
}
if (download_file("http://geolite.maxmind.com/download/geoip/database/GeoIPv6.dat.gz", "{$geoip_tmppath}GeoIPv6.dat.gz") != true) {
log_error(gettext("[Suricata] An error occurred downloading the 'GeoIPv6.dat.gz' update file for GeoIP."));
}
// Mount filesystem read-write since we need to write
// the extracted databases to PBI_BASE/share/GeoIP.
conf_mount_rw();
// If the files downloaded successfully, unpack them and store
// the DB files in the PBI_BASE/share/GeoIP directory.
if (file_exists("{$geoip_tmppath}GeoIP.dat.gz")) {
mwexec("/usr/bin/gunzip -f {$geoip_tmppath}GeoIP.dat.gz");
@rename("{$geoip_tmppath}GeoIP.dat", "{$suricata_geoip_dbdir}GeoIP.dat");
}
function pfblockerng_uc_countries()
{
global $g, $pfb;
$maxmind_cont = "{$pfb['dbdir']}/country_continent.csv";
$maxmind_cc4 = "{$pfb['dbdir']}/GeoIPCountryWhois.csv";
$maxmind_cc6 = "{$pfb['dbdir']}/GeoIPv6.csv";
// Create Folders if not Exist
$folder_array = array("{$pfb['dbdir']}", "{$pfb['logdir']}", "{$pfb['ccdir']}");
foreach ($folder_array as $folder) {
safe_mkdir("{$folder}", 0755);
}
$now = date("m/d/y G:i:s", time());
$log = "Country Code Update Start - [ NOW ]\n\n";
print "Country Code Update Start - [ {$now} ]\n\n";
pfb_logger("{$log}", "3");
if (!file_exists($maxmind_cont) || !file_exists($maxmind_cc4) || !file_exists($maxmind_cc6)) {
$log = " [ MAXMIND UPDATE FAIL, CSV Missing, using Previous Country Code Database \n";
print $log;
pfb_logger("{$log}", "3");
return;
}
// Save Date/Time Stamp to MaxMind version file
$maxmind_ver = "MaxMind GeoLite Date/Time Stamps \n\n";
$remote_tds = @implode(preg_grep("/Last-Modified/", get_headers("http://geolite.maxmind.com/download/geoip/database/GeoIPCountryCSV.zip")));
$maxmind_ver .= "MaxMind_v4 \t" . $remote_tds . "\n";
$local_tds = @gmdate("D, d M Y H:i:s T", filemtime($maxmind_cc4));
$maxmind_ver .= "Local_v4 \tLast-Modified: " . $local_tds . "\n\n";
$remote_tds = @implode(preg_grep("/Last-Modified/", get_headers("http://geolite.maxmind.com/download/geoip/database/GeoIPv6.csv.gz")));
$maxmind_ver .= "MaxMind_v6 \t" . $remote_tds . "\n";
$local_tds = @gmdate("D, d M Y H:i:s T", filemtime($maxmind_cc6));
$maxmind_ver .= "Local_v6 \tLast-Modified: " . $local_tds . "\n";
$maxmind_ver .= "\nThese Timestamps should *match* \n";
@file_put_contents("{$pfb['logdir']}/maxmind_ver", $maxmind_ver);
// Collect ISO Codes for Each Continent
$log = "Processing Continent Data\n";
print $log;
pfb_logger("{$log}", "3");
$cont_array = array(array($AF), array($AS), array($EU), array($NA), array($OC), array($SA), array($AX));
if (($handle = fopen("{$maxmind_cont}", 'r')) !== FALSE) {
while (($cc = fgetcsv($handle)) !== FALSE) {
$cc_key = $cc[0];
$cont_key = $cc[1];
switch ($cont_key) {
case "AF":
$cont_array[0]['continent'] = "Africa";
$cont_array[0]['iso'] .= "{$cc_key},";
$cont_array[0]['file4'] = "{$pfb['ccdir']}/Africa_v4.txt";
$cont_array[0]['file6'] = "{$pfb['ccdir']}/Africa_v6.txt";
break;
case "AS":
$cont_array[1]['continent'] = "Asia";
$cont_array[1]['iso'] .= "{$cc_key},";
$cont_array[1]['file4'] = "{$pfb['ccdir']}/Asia_v4.txt";
$cont_array[1]['file6'] = "{$pfb['ccdir']}/Asia_v6.txt";
break;
case "EU":
$cont_array[2]['continent'] = "Europe";
$cont_array[2]['iso'] .= "{$cc_key},";
$cont_array[2]['file4'] = "{$pfb['ccdir']}/Europe_v4.txt";
$cont_array[2]['file6'] = "{$pfb['ccdir']}/Europe_v6.txt";
break;
case "NA":
$cont_array[3]['continent'] = "North America";
$cont_array[3]['iso'] .= "{$cc_key},";
$cont_array[3]['file4'] = "{$pfb['ccdir']}/North_America_v4.txt";
$cont_array[3]['file6'] = "{$pfb['ccdir']}/North_America_v6.txt";
break;
case "OC":
$cont_array[4]['continent'] = "Oceania";
$cont_array[4]['iso'] .= "{$cc_key},";
$cont_array[4]['file4'] = "{$pfb['ccdir']}/Oceania_v4.txt";
$cont_array[4]['file6'] = "{$pfb['ccdir']}/Oceania_v6.txt";
break;
case "SA":
$cont_array[5]['continent'] = "South America";
$cont_array[5]['iso'] .= "{$cc_key},";
$cont_array[5]['file4'] = "{$pfb['ccdir']}/South_America_v4.txt";
$cont_array[5]['file6'] = "{$pfb['ccdir']}/South_America_v6.txt";
break;
}
}
}
unset($cc);
fclose($handle);
// Add Maxmind Anonymous Proxy and Satellite Providers to array
$cont_array[6]['continent'] = "Proxy and Satellite";
$cont_array[6]['iso'] = "A1,A2";
$cont_array[6]['file4'] = "{$pfb['ccdir']}/Proxy_Satellite_v4.txt";
$cont_array[6]['file6'] = "{$pfb['ccdir']}/Proxy_Satellite_v6.txt";
// Collect Country ISO data and sort to Continent arrays (IPv4 and IPv6)
foreach (array("4", "6") as $type) {
$log = "Processing ISO IPv{$type} Continent/Country Data\n";
print $log;
pfb_logger("{$log}", "3");
if ($type == "4") {
$maxmind_cc = "{$pfb['dbdir']}/GeoIPCountryWhois.csv";
} else {
$maxmind_cc = "{$pfb['dbdir']}/GeoIPv6.csv";
}
$iptype = "ip{$type}";
$filetype = "file{$type}";
if (($handle = fopen("{$maxmind_cc}", 'r')) !== FALSE) {
while (($cc = fgetcsv($handle)) !== FALSE) {
$cc_key = $cc[4];
$country_key = $cc[5];
$a_cidr = implode(",", ip_range_to_subnet_array_temp($cc[0], $cc[1]));
$counter = 0;
foreach ($cont_array as $iso) {
if (preg_match("/\\b{$cc_key}\\b/", $iso['iso'])) {
$cont_array[$counter][$cc_key][$iptype] .= $a_cidr . ",";
$cont_array[$counter][$cc_key]['country'] = $country_key;
continue;
}
$counter++;
}
}
}
unset($cc);
fclose($handle);
// Build Continent Files
$counter = 0;
foreach ($cont_array as $iso) {
$header = "";
$pfb_file = "";
$iso_key = "";
$header .= "# Generated from MaxMind Inc. on: " . date("m/d/y G:i:s", time()) . "\n";
$header .= "# Continent IPv{$type}: " . $cont_array[$counter]['continent'] . "\n";
$pfb_file = $cont_array[$counter][$filetype];
$iso_key = array_keys($iso);
foreach ($iso_key as $key) {
if (preg_match("/[A-Z]{2}|A1|A2/", $key)) {
$header .= "# Country: " . $iso[$key]['country'] . "\n";
$header .= "# ISO Code: " . $key . "\n";
$header .= "# Total Networks: " . substr_count($iso[$key][$iptype], ",") . "\n";
$header .= str_replace(",", "\n", $iso[$key][$iptype]);
$iso[$key][$iptype] = "";
}
}
$counter++;
@file_put_contents($pfb_file, $header, LOCK_EX);
}
}
}
/* except when in post-install mode. Post-install does its own rebuild. */
if ($g['suricata_postinstall']) {
$rebuild_rules = false;
} else {
$rebuild_rules = true;
}
/* Create configuration for each active Suricata interface */
foreach ($config['installedpackages']['suricata']['rule'] as $value) {
$if_real = get_real_interface($value['interface']);
// Make sure the interface subdirectory exists. We need to re-create
// it during a pkg reinstall on the intial rules set download.
if (!is_dir("{$suricatadir}suricata_{$value['uuid']}_{$if_real}")) {
safe_mkdir("{$suricatadir}suricata_{$value['uuid']}_{$if_real}");
}
if (!is_dir("{$suricatadir}suricata_{$value['uuid']}_{$if_real}/rules")) {
safe_mkdir("{$suricatadir}suricata_{$value['uuid']}_{$if_real}/rules");
}
$tmp = "Updating rules configuration for: " . convert_friendly_interface_to_friendly_descr($value['interface']) . " ...";
if ($pkg_interface != "console") {
update_status(gettext($tmp));
update_output_window(gettext("Please wait while Suricata interface files are being updated..."));
}
suricata_apply_customizations($value, $if_real);
$tmp = "\t" . $tmp . "\n";
error_log($tmp, 3, SURICATA_RULES_UPD_LOGFILE);
}
} else {
if ($pkg_interface != "console") {
update_output_window(gettext("Warning: No interfaces configured for Suricata were found..."));
update_output_window(gettext("No interfaces currently have Suricata configured and enabled on them..."));
}
function show_recordings()
{
conf_mount_rw();
safe_mkdir("/etc/phpshellsessions");
if ($recording) {
conf_mount_ro();
}
echo "==> Sessions available for playback are:\n";
system("cd /etc/phpshellsessions && ls /etc/phpshellsessions");
echo "==> end of list.\n";
}
function loadLangFile($file, $standard = true, $plugin = '')
{
# loads a templating language file to the template, checks if cache is present
# called by /index.php
$file .= ".php";
$strippedFile = str_replace("/", "_", $file);
if ($standard) {
if ($plugin == "") {
$file = CONS_PATH_SETTINGS . "locale/" . $file;
} else {
$file = CONS_PATH_SYSTEM . "plugins/{$plugin}/locale/{$file}";
}
} else {
$file = CONS_PATH_PAGES . $_SESSION['CODE'] . "/_config/locale/{$file}";
}
if (!is_file($file)) {
return false;
}
if (!isset($_REQUEST['nocache'])) {
# if nocache is specified, ignore caches ... not the case
if ($standard) {
if ($plugin != '') {
$plugin .= '/';
}
if (!is_dir(CONS_PATH_CACHE . "locale/{$plugin}")) {
safe_mkdir(CONS_PATH_CACHE . "locale/{$plugin}");
}
$cacheFile = CONS_PATH_CACHE . "locale/{$plugin}" . $strippedFile . ".cache";
$cacheMTFile = CONS_PATH_CACHE . "locale/{$plugin}" . $strippedFile . ".cachemd";
} else {
if (!is_dir(CONS_PATH_CACHE . $_SESSION['CODE'] . "/meta/locale/")) {
safe_mkdir(CONS_PATH_CACHE . $_SESSION['CODE'] . "/meta/locale/");
}
$cacheFile = CONS_PATH_CACHE . $_SESSION['CODE'] . "/meta/locale/" . $strippedFile . ".cache";
$cacheMTFile = CONS_PATH_CACHE . $_SESSION['CODE'] . "/meta/locale/" . $strippedFile . ".cachemd";
}
if (is_file($cacheFile) && is_file($cacheMTFile)) {
$ofMD = filemtime($file);
# modify date of ORIGINAL file
$cMD = cReadFile($cacheMTFile);
# modify date of ORIGINAL file when CACHE file was created
if ($cMD == $ofMD) {
# valid cache file (it was created from the current original file)
$newData = @unserialize(cReadFile($cacheFile));
if (is_array($newData)) {
$this->parent->template->lang_replacer = array_merge($this->parent->template->lang_replacer, $newData);
return true;
} else {
$this->parent->errorControl->raise(6, $_SESSION[CONS_SESSION_LANG], $plugin, $standard ? "standard" : "non-standard");
}
} else {
if ($this->parent->debugmode && CONS_CACHE) {
# Warning: if the lang file was replaced, template caches might be invalid
# So we must delete ALL TEMPLATE CACHES!
$this->parent->cacheControl->dumpTemplateCaches();
}
}
}
}
# no cache available or no cache specified
$data = (include $file);
if ($data === false || !is_array($data)) {
$this->parent->errorControl->raise(7, $_SESSION[CONS_SESSION_LANG], $plugin, $standard ? "standard" : "non-standard");
return false;
}
if (!isset($_REQUEST['nocache'])) {
$ofMD = filemtime($file);
cWriteFile($cacheMTFile, $ofMD);
cWriteFile($cacheFile, serialize($data));
}
foreach ($data as $term => $trans) {
$this->parent->template->lang_replacer[$term] = $trans;
// array_merge has issues
}
return true;
}
}
// If auto-updates of ET IQRisk are disabled, then exit
if ($config['installedpackages']['suricata']['config'][0]['et_iqrisk_enable'] == "off") {
return 0;
} else {
log_error(gettext("[Suricata] Updating the Emerging Threats IQRisk IP List..."));
}
// Construct the download URL using the saved ET IQRisk Subscriber Code
if (!empty($config['installedpackages']['suricata']['config'][0]['iqrisk_code'])) {
$et_iqrisk_url = str_replace("_xxx_", $config['installedpackages']['suricata']['config'][0]['iqrisk_code'], ET_IQRISK_DNLD_URL);
} else {
log_error(gettext("[Suricata] No IQRisk subscriber code found! Aborting scheduled update of Emerging Threats IQRisk IP List."));
return 0;
}
// Download the IP List files to a temporary location
safe_mkdir("{$iqRisk_tmppath}");
// Test the posted MD5 checksum file against our local copy
// to see if an update has been posted for 'categories.txt'.
if (suricata_check_iprep_md5("categories.txt")) {
log_error(gettext("[Suricata] An updated IPREP 'categories.txt' file is available...downloading new file."));
if (download_file("{$et_iqrisk_url}categories.txt", "{$iqRisk_tmppath}categories.txt") != true) {
log_error(gettext("[Suricata] An error occurred downloading the 'categories.txt' file for IQRisk."));
} else {
// If the files downloaded successfully, unpack them and store
// the list files in the SURICATA_IPREP_PATH directory.
if (file_exists("{$iqRisk_tmppath}categories.txt") && file_exists("{$iqRisk_tmppath}categories.txt.md5")) {
$new_md5 = trim(file_get_contents("{$iqRisk_tmppath}categories.txt.md5"));
if ($new_md5 == md5_file("{$iqRisk_tmppath}categories.txt")) {
@rename("{$iqRisk_tmppath}categories.txt", "{$iprep_path}categories.txt");
@rename("{$iqRisk_tmppath}categories.txt.md5", "{$iprep_path}categories.txt.md5");
$success = TRUE;
}
}
if ($_POST['remove']) {
exec("/sbin/pfctl -t {$suri_pf_table} -T flush");
header("Location: /suricata/suricata_blocked.php");
exit;
}
/* TODO: build a file with block ip and disc */
if ($_POST['download']) {
$blocked_ips_array_save = "";
exec("/sbin/pfctl -t {$suri_pf_table} -T show", $blocked_ips_array_save);
/* build the list */
if (is_array($blocked_ips_array_save) && count($blocked_ips_array_save) > 0) {
$save_date = date("Y-m-d-H-i-s");
$file_name = "suricata_blocked_{$save_date}.tar.gz";
safe_mkdir("{$g['tmp_path']}/suricata_blocked");
file_put_contents("{$g['tmp_path']}/suricata_blocked/suricata_block.pf", "");
foreach ($blocked_ips_array_save as $counter => $fileline) {
if (empty($fileline)) {
continue;
}
$fileline = trim($fileline, " \n\t");
file_put_contents("{$g['tmp_path']}/suricata_blocked/suricata_block.pf", "{$fileline}\n", FILE_APPEND);
}
// Create a tar gzip archive of blocked host IP addresses
exec("/usr/bin/tar -czf {$g['tmp_path']}/{$file_name} -C{$g['tmp_path']}/suricata_blocked suricata_block.pf");
// If we successfully created the archive, send it to the browser.
if (file_exists("{$g['tmp_path']}/{$file_name}")) {
ob_start();
//important or other posts will fail
if (isset($_SERVER['HTTPS'])) {
/* fix up the preprocessor rules filenames from a PBI package install */
$preproc_rules = array("decoder.rules", "preprocessor.rules", "sensitive-data.rules");
foreach ($preproc_rules as $file) {
if (file_exists("{$snortdir}/preproc_rules/{$file}-sample")) {
@rename("{$snortdir}/preproc_rules/{$file}-sample", "{$snortdir}/preproc_rules/{$file}");
}
}
/* Remove any previously installed scripts since we rebuild them */
unlink_if_exists("{$snortdir}/sid");
unlink_if_exists("{$rcdir}snort.sh");
unlink_if_exists("{$rcdir}barnyard2");
/* Create required log and db directories in /var */
safe_mkdir(SNORTLOGDIR);
safe_mkdir(SNORT_IPREP_PATH);
safe_mkdir(SNORT_SID_MODS_PATH);
safe_mkdir(SNORT_APPID_ODP_PATH);
/* If installed, absorb the Snort Dashboard Widget into this package */
/* by removing it as a separately installed package. */
$pkgid = get_pkg_id("Dashboard Widget: Snort");
if ($pkgid >= 0) {
log_error(gettext("[Snort] Removing legacy 'Dashboard Widget: Snort' package because the widget is now part of the Snort package."));
unset($config['installedpackages']['package'][$pkgid]);
unlink_if_exists("/usr/local/pkg/widget-snort.xml");
}
/* Define a default Dashboard Widget Container for Snort */
$snort_widget_container = "snort_alerts-container:col2:close";
/*********************************************************/
/* START OF BUG FIX CODE */
/* */
/* Remove any Snort cron tasks that may have been left */
/* from a previous uninstall due to a bug that saved */
$command = "";
}
if ($first_command == "reset") {
$playbackbuffer = "";
echo "\nBuffer reset.\n\n";
continue;
}
if ($first_command == "record") {
if (!$command_split[1]) {
echo "usage: record playbackname\n";
echo "\tplaybackname will be created in /etc/phpshellsessions.\n";
$command = "";
} else {
/* time to record */
conf_mount_rw();
safe_mkdir("/etc/phpshellsessions");
$recording_fn = basename($command_split[1]);
$recording_fd = fopen("/etc/phpshellsessions/{$recording_fn}", "w");
if (!$recording_fd) {
echo "Could not start recording session.\n";
$command = "";
} else {
$recording = true;
echo "Recording of {$recording_fn} started.\n";
$command = "";
}
}
}
$playbackbuffer .= $command . "\n";
}
function show_recordings()
killbyname("barnyard2");
sleep(2);
// Delete any leftover barnyard2 PID files in /var/run
unlink_if_exists("{$g['varrun_path']}/barnyard2_*.pid");
}
// Set flag for post-install in progress
$g['suricata_postinstall'] = true;
// Mount file system read/write so we can modify some files
conf_mount_rw();
// Remove any previously installed script since we rebuild it
@unlink("{$rcdir}suricata.sh");
// Create the top-tier log directory
safe_mkdir(SURICATALOGDIR);
// Create the IP Rep and SID Mods lists directory
safe_mkdir(SID_MODS_PATH);
safe_mkdir(IPREP_PATH);
// remake saved settings if previously flagged
if ($config['installedpackages']['suricata']['config'][0]['forcekeepsettings'] == 'on') {
log_error(gettext("[Suricata] Saved settings detected... rebuilding installation with saved settings..."));
update_status(gettext("Saved settings detected..."));
/****************************************************************/
/* Do test and fix for duplicate UUIDs if this install was */
/* impacted by the DUP (clone) bug that generated a duplicate */
/* UUID for the cloned interface. Also fix any duplicate */
/* entries in ['rulesets'] for "dns-events.rules". */
/****************************************************************/
if (count($config['installedpackages']['suricata']['rule']) > 0) {
$uuids = array();
$suriconf =& $config['installedpackages']['suricata']['rule'];
foreach ($suriconf as &$suricatacfg) {
// Remove any duplicate ruleset names from earlier bug
function d_mkdir($file, $mod = 755)
{
$file = abs_path($file);
setwritable(dirname($file),true);
if((!FIX && @safe_mkdir($file,octdec($mod))) || d_ftpcom('mkdir', $file))
{
d_ftplist('','flush');
@d_chmod($file,$mod);
return true;
}
return false;
}
function loadMetadata()
{
if (!$this->debugmode) {
return parent::loadMetadata();
}
$this->errorControl->raise(1000);
$this->log = array();
// we don't want the above "log" to cause an abort (yes, this function uses the log size to confirm an error - lame but extremelly effective)
$this->allModulesLoaded = true;
# initial clean up and check
if (!is_dir(CONS_PATH_TEMP)) {
safe_mkdir(CONS_PATH_TEMP);
}
if (!is_dir(CONS_PATH_CACHE)) {
safe_mkdir(CONS_PATH_CACHE);
}
if (!is_dir(CONS_PATH_DINCONFIG)) {
safe_mkdir(CONS_PATH_DINCONFIG);
}
if (!is_dir(CONS_PATH_CACHE . "locale/")) {
safe_mkdir(CONS_PATH_CACHE . "locale/");
}
if (!is_dir(CONS_PATH_LOGS)) {
safe_mkdir(CONS_PATH_LOGS);
}
if (!is_dir(CONS_PATH_LOGS . $_SESSION['CODE'] . "/")) {
safe_mkdir(CONS_PATH_LOGS . $_SESSION['CODE'] . "/");
}
if (!is_dir(CONS_PATH_DINCONFIG . $_SESSION['CODE'] . "/")) {
safe_mkdir(CONS_PATH_DINCONFIG . $_SESSION['CODE'] . "/");
}
if (!is_dir(CONS_PATH_CACHE . $_SESSION['CODE'] . "/")) {
safe_mkdir(CONS_PATH_CACHE . $_SESSION['CODE'] . "/");
}
if (!is_dir(CONS_PATH_CACHE . $_SESSION['CODE'] . "/meta/")) {
safe_mkdir(CONS_PATH_CACHE . $_SESSION['CODE'] . "/meta/");
}
if (!is_dir(CONS_PATH_CACHE . $_SESSION['CODE'] . "/meta/locale")) {
safe_mkdir(CONS_PATH_CACHE . $_SESSION['CODE'] . "/meta/locale/");
}
if (!is_dir(CONS_PATH_PAGES . $_SESSION['CODE'] . "/")) {
safe_mkdir(CONS_PATH_PAGES . $_SESSION['CODE'] . "/");
}
if (!is_dir(CONS_PATH_PAGES . $_SESSION['CODE'] . "/actions/")) {
safe_mkdir(CONS_PATH_PAGES . $_SESSION['CODE'] . "/actions");
}
if (!is_dir(CONS_PATH_PAGES . $_SESSION['CODE'] . "/content/")) {
safe_mkdir(CONS_PATH_PAGES . $_SESSION['CODE'] . "/content");
}
if (!is_dir(CONS_PATH_PAGES . $_SESSION['CODE'] . "/_config/locale/")) {
safe_mkdir(CONS_PATH_PAGES . $_SESSION['CODE'] . "/_config/locale");
}
if (!is_dir(CONS_PATH_PAGES . $_SESSION['CODE'] . "/files/")) {
safe_mkdir(CONS_PATH_PAGES . $_SESSION['CODE'] . "/files");
}
if (!is_dir(CONS_PATH_PAGES . $_SESSION['CODE'] . "/template/")) {
safe_mkdir(CONS_PATH_PAGES . $_SESSION['CODE'] . "/template");
copy(CONS_PATH_SETTINGS . "defaults/basefile.html", CONS_PATH_PAGES . $_SESSION['CODE'] . "/template/basefile.html");
copy(CONS_PATH_SETTINGS . "defaults/index.html", CONS_PATH_PAGES . $_SESSION['CODE'] . "/template/index.html");
}
if (!is_dir(CONS_PATH_PAGES . $_SESSION['CODE'] . "/mail/")) {
safe_mkdir(CONS_PATH_PAGES . $_SESSION['CODE'] . "/mail");
}
# Dimconfig
if (is_file(CONS_PATH_DINCONFIG . $_SESSION['CODE'] . "/din.dat")) {
$this->dimconfig = unserialize(cReadFile(CONS_PATH_DINCONFIG . $_SESSION['CODE'] . "/din.dat"));
}
if ($this->dimconfig === false) {
$this->dimconfig = array();
}
# Error on load
$this->checkConfig();
# clear the meta cache
if (!$this->offlineMode) {
$files = listFiles(CONS_PATH_CACHE . $_SESSION['CODE'] . "/meta/");
foreach ($files as $file) {
if (is_file(CONS_PATH_CACHE . $_SESSION['CODE'] . "/meta/" . $file)) {
@unlink(CONS_PATH_CACHE . $_SESSION['CODE'] . "/meta/" . $file);
}
}
if (!$this->checkinstall()) {
$this->errorControl->raise(118, array_unshift($this->log));
}
if (isset($_REQUEST['nocache'])) {
recursive_del(CONS_PATH_CACHE . $_SESSION['CODE'] . "/pages/", true);
recursive_del(CONS_PATH_CACHE . $_SESSION['CODE'] . "/", false, 'cache');
}
}
# If no database, we are done
if ($this->dbless) {
return count($this->log) == 0;
}
# Search all necessary model files
$parseXMLparams = array(C_XML_RAW => true, C_XML_AUTOPARSE => true, C_XML_REMOVECOMMENTS => true);
$xml = new xmlHandler();
$model = is_file(CONS_PATH_SETTINGS . "default.xml") ? cReadFile(CONS_PATH_SETTINGS . "default.xml") . "\n" : '';
foreach ($this->loadedPlugins as $scriptName => $scriptObj) {
if (is_file(CONS_PATH_SYSTEM . "plugins/" . $scriptName . "/meta.xml")) {
$model .= cReadFile(CONS_PATH_SYSTEM . "plugins/" . $scriptName . "/meta.xml") . "\n";
}
}
unset($scriptName);
unset($scriptObj);
if (is_file(CONS_PATH_PAGES . $_SESSION['CODE'] . "/_config/meta.xml")) {
$model .= cReadFile(CONS_PATH_PAGES . $_SESSION['CODE'] . "/_config/meta.xml") . "\n";
}
$model = $xml->parseXML($model, $parseXMLparams, true);
unset($xml);
if ($model === false) {
$this->errorControl->raise(119);
}
# browses the XML and loads modules
$model =& $model->getbranch(0);
$total = $model->total();
$relation = array();
# foreign keys are only created later
$lastLoad = "";
for ($c = 0; $c < $total; $c++) {
# for each module ...
$thisbranch =& $model->getbranch($c);
$total_campos = $thisbranch->total();
# creates the module as from XML settings
$module = strtolower($thisbranch->data[0]);
$param =& $thisbranch->data[1];
$dbname = strtolower(isset($param['dbname']) ? $param['dbname'] : '');
foreach ($this->modules as $name => $otherModule) {
if ($otherModule->dbname == $dbname && $dbname != "" && $module != $otherModule->name) {
$this->errorControl->raise(120, $otherModule->name, $name, $dbname);
}
}
if ($module == '') {
$this->errorControl->raise(107, $dbname, "XML error", "Module after {$lastLoad} is corrupt");
}
$this->loadModule($module, $dbname);
#MODULE CREATE
$lastLoad = $module;
# loads standard data from this object ---------------------------------------------------------------------
# read parameters for the MODULE
foreach ($this->moduleOptions as $mo) {
$this->modules[$module]->options[$mo[0]] = $mo[3] != '' ? array() : '';
}
if (is_array($param)) {
foreach ($param as $pkey => $pcontent) {
$pkey = strtolower($pkey);
switch ($pkey) {
case "key":
case "keys":
# will use default auto_increment "id" if none specified. If you specify more than one, none will be auto_increment and the system will use auto-numbering
$this->modules[$module]->keys = explode(",", $pcontent);
break;
case "title":
$this->modules[$module]->title = strtolower($pcontent);
break;
case "volatile":
# this module can be deleted as a stand-alone volatile item
$this->modules[$module]->options[CONS_MODULE_VOLATILE] = strtolower($pcontent) == "true";
break;
case "parent":
$this->modules[$module]->options[CONS_MODULE_PARENT] = strtolower($pcontent);
// field which denotes parenthood
break;
case "plugins":
case "plugin":
$this->modules[$module]->plugins = explode(",", strtolower($pcontent));
break;
case "order":
$this->modules[$module]->order = trim(strtolower($pcontent));
break;
case "permissionoverride":
if (strlen($pcontent) >= 9) {
$this->modules[$module]->permissionOverride = substr(strtolower($pcontent), 0, 9);
}
break;
case "linker":
$this->modules[$module]->linker = true;
break;
case "systemmodule":
$this->modules[$module]->options[CONS_MODULE_SYSTEM] = true;
break;
case "autoclean":
$this->modules[$module]->options[CONS_MODULE_AUTOCLEAN] = $pcontent;
break;
case "meta":
$this->modules[$module]->options[CONS_MODULE_META] = $pcontent;
break;
case "disallowmultiple":
if (strtolower($pcontent) == "true") {
$this->modules[$module]->options[CONS_MODULE_DISALLOWMULTIPLE] = true;
} else {
unset($this->modules[$module]->options[CONS_MODULE_DISALLOWMULTIPLE]);
}
break;
case "noundo":
if (strtolower($pcontent) == "true") {
$this->modules[$module]->options[CONS_MODULE_NOUNDO] = true;
} else {
unset($this->modules[$module]->options[CONS_MODULE_NOUNDO]);
}
default:
if ($pkey != "name" && $pkey != "dbname") {
$isMO = false;
foreach ($this->moduleOptions as $mo) {
if ($mo[1] == $pkey) {
$isMO = true;
if ($mo[2]) {
$pcontent = strtolower($pcontent);
}
if ($mo[3] != '') {
$pcontent = explode($mo[3], $pcontent);
}
$this->modules[$module]->options[$mo[0]] = $pcontent;
break;
}
}
if (!$isMO) {
$this->modules[$module]->options[$pkey] = $pcontent;
}
}
break;
}
}
#foreach
unset($pkey);
unset($pcontent);
}
if ($this->modules[$module]->options[CONS_MODULE_PARENT] != '' && strpos($this->modules[$module]->order, $this->modules[$module]->options[CONS_MODULE_PARENT]) === false) {
# in tree mode, the field that defines parenthood must be in the order clause, the first if possible
$this->modules[$module]->order = $this->modules[$module]->options[CONS_MODULE_PARENT] . "+" . ($this->modules[$module]->order != '' ? "," . $this->modules[$module]->order : '');
}
# -- ok on reading parameters
$campos = array();
$mandatory = 0;
# browse FIELDS ---------------------------------------------------------------------------------
for ($campo = 0; $campo < $total_campos; $campo++) {
$thiscampo =& $thisbranch->getbranch($campo);
## processParameters #########################################
$campos = $this->processParameters($thiscampo, $campos, $module);
##############################################################
$nomecampo = strtolower($thiscampo->data[0]);
if ($campos[$nomecampo][CONS_XML_TIPO] == CONS_TIPO_LINK) {
array_push($relation, array($module, $nomecampo, $campos[$nomecampo][CONS_XML_MODULE]));
// if this is a non-mandatory link to myself, called "id_parent", and I don't have parent ... well .. obviously this is it
if ($campos[$nomecampo][CONS_XML_MODULE] == $module && !isset($campos[$nomecampo][CONS_XML_MANDATORY]) && $nomecampo == "id_parent" && $this->modules[$module]->options[CONS_MODULE_PARENT] == '') {
$this->modules[$module]->options[CONS_MODULE_PARENT] = $nomecampo;
}
} else {
if ($campos[$nomecampo][CONS_XML_TIPO] == CONS_TIPO_SERIALIZED) {
// browse fields looking for links
foreach ($campos[$nomecampo][CONS_XML_SERIALIZEDMODEL] as $exname => &$exfield) {
if ($exfield[CONS_XML_TIPO] == CONS_TIPO_LINK) {
array_push($relation, array($module, $nomecampo . ":" . $exname, $exfield[CONS_XML_MODULE]));
}
}
}
}
# checks if this field can be NULL or NOT depending on options and mandatory setting
if (isset($campos[$nomecampo][CONS_XML_SQL]) && $campos[$nomecampo][CONS_XML_SQL] != "") {
# relation will not be set
if (isset($campos[$nomecampo][CONS_XML_MANDATORY]) || $campos[$nomecampo][CONS_XML_TIPO] == CONS_TIPO_OPTIONS || isset($campos[$nomecampo][CONS_XML_DEFAULT])) {
$campos[$nomecampo][CONS_XML_SQL] .= " NOT NULL";
$mandatory++;
} else {
$campos[$nomecampo][CONS_XML_SQL] .= " NULL";
}
if (isset($campos[$nomecampo][CONS_XML_DEFAULT])) {
$campos[$nomecampo][CONS_XML_SQL] .= " DEFAULT '" . $campos[$nomecampo][CONS_XML_DEFAULT] . "'";
}
}
}
# this module has a database (it's possible to have modules without a database)
if ($this->modules[$module]->dbname != "") {
# checks standard key "id" if no key specified
if (in_array("id", $this->modules[$module]->keys) && !isset($this->modules[$module]->fields['id']) && !isset($campos['id'])) {
if ($this->modules[$module]->linker) {
$this->modules[$module]->keys = array();
$keys = 0;
foreach ($campos as $fieldname => $fieldobj) {
if (isset($fieldobj[CONS_XML_MODULE])) {
$keys++;
$this->modules[$module]->keys[] = $fieldname;
if ($keys == 2) {
break;
}
}
}
unset($fieldname);
unset($fieldobj);
} else {
$campos['id'][CONS_XML_SQL] = "INT (11) UNSIGNED NOT NULL" . (count($this->modules[$module]->keys) <= 1 ? " AUTO_INCREMENT" : "");
$campos['id'][CONS_XML_TIPO] = CONS_TIPO_INT;
if (count($this->modules[$module]->keys) > 1) {
$campos['id'][CONS_XML_RESTRICT] = 99;
}
}
}
# -- keys (this is done to prevent repeated keys)
$chave = $this->modules[$module]->keys;
$this->modules[$module]->keys = array();
foreach ($chave as $x => $di) {
if (!in_array($di, $this->modules[$module]->keys) && $di != "") {
array_push($this->modules[$module]->keys, $di);
}
}
unset($x);
unset($di);
# if this is a re-definition, will TOTALLY overright the fields (you can redefine fields from the default.xml on the meta.xml)
$this->modules[$module]->fields = array_merge($this->modules[$module]->fields, $campos);
# -- makes sure all keys are mandatory and present
foreach ($this->modules[$module]->keys as $x => $chave) {
if (!isset($this->modules[$module]->fields[$chave])) {
array_push($this->log, "Key not defined, considering INT 11, please fix the XML: {$module}.{$chave}");
$this->modules[$module]->fields[$chave] = array("CONS_XML_SQL" => "INT (11) UNSIGNED NOT NULL", "CONS_XML_TIPO" => CONS_TIPO_INT);
}
$this->modules[$module]->fields[$chave][CONS_XML_MANDATORY] = true;
// vc keys without case specified, force ucase
if ($this->modules[$module]->fields[$chave][CONS_XML_TIPO] == CONS_TIPO_VC && !isset($this->modules[$module]->fields[$chave][CONS_XML_SPECIAL])) {
$this->modules[$module]->fields[$chave][CONS_XML_SPECIAL] = "ucase";
}
}
unset($x);
unset($chave);
}
}
# -- foreach module
$total_relacoes = count($relation);
# check our relationship counts and build proper fields or support tables -------------
for ($c = 0; $c < $total_relacoes; $c++) {
$rel = $relation[$c];
# relation: MODULE => FIELD => MODULE or MODULE => SFIELD:FIELD => MODULE for serialized fields
if (!isset($this->modules[$rel[0]]) || !isset($this->modules[$rel[2]])) {
array_push($this->log, "Error (pass 1) trying to build foreign keys from '" . $rel[0] . "' to '" . $rel[2] . "' at " . $rel[1] . ": one of the modules do not exist, ignoring relation");
} else {
$sfield = "";
if (strpos($rel[1], ":") !== false) {
#serialized field
$field = explode(":", $field);
$sfield = $field[0];
$field = $field[1];
} else {
$field = $rel[1];
}
if (substr($field, 0, 3) != "id_") {
array_push($this->log, "All relations to another modules MUST start with id_ on " . $rel[0] . "' to '" . $rel[2] . "' at " . $rel[1] . ": should be id_" . $field . " ?");
}
if ($sfield == '') {
$this->modules[$rel[2]]->volatile = false;
}
# keeps volatile if linked from serialized (a.k.a. serialized links are not safe, because they are meant to be dinamic)
foreach ($this->modules[$rel[2]]->keys as $x => $chave) {
# will create required keys for foreign table, except any one in common with this table
if ($chave == "id" || !isset($this->modules[$rel[0]]->fields[$chave])) {
# only standard id exists (always link it), or it's not a standard key ... still have to test if it's not a key to this table
# basically, this will create the second+ keys on multikey relations
if (!($this->modules[$rel[2]]->fields[$chave][CONS_XML_TIPO] == CONS_TIPO_LINK && $this->modules[$rel[2]]->fields[$chave][CONS_XML_MODULE] == $rel[0])) {
# ok not a key to this table (the FOREING key is not this table, pay attention! this will still be true for id_parent)
if ($sfield == "") {
# normal
if ($chave == "id") {
# uses the name that came in the XML model
if (!isset($this->modules[$rel[0]]->fields[$field])) {
$this->modules[$rel[0]]->fields[$field] = array();
}
$this->modules[$rel[0]]->fields[$field][CONS_XML_SQL] = str_replace("AUTO_INCREMENT", "", $this->modules[$rel[2]]->fields[$chave][CONS_XML_SQL]);
$this->modules[$rel[0]]->fields[$field][CONS_XML_TIPO] = CONS_TIPO_LINK;
$this->modules[$rel[0]]->fields[$field][CONS_XML_LINKTYPE] = $this->modules[$rel[2]]->fields[$chave][CONS_XML_TIPO] != CONS_TIPO_LINK ? $this->modules[$rel[2]]->fields[$chave][CONS_XML_TIPO] : CONS_TIPO_INT;
$this->modules[$rel[0]]->fields[$field][CONS_XML_MODULE] = $rel[2];
# the creation system might have added this already, that's why testing before resetting the array
if (isset($this->modules[$rel[0]]->fields[$field][CONS_XML_JOIN]) && $this->modules[$rel[0]]->fields[$field][CONS_XML_JOIN] == "inner" || isset($this->modules[$rel[0]]->fields[$field][CONS_XML_MANDATORY])) {
// is set join to INNER or is explicitly mandatory, make sure both are set
$this->modules[$rel[0]]->fields[$field][CONS_XML_MANDATORY] = true;
if ($x == 0) {
$this->modules[$rel[0]]->fields[$field][CONS_XML_JOIN] = "inner";
}
} else {
// no join mode set (defaults to left), set to left, and no explicit mandatory tag
if ($x == 0) {
$this->modules[$rel[0]]->fields[$field][CONS_XML_JOIN] = "left";
}
$this->modules[$rel[0]]->fields[$field][CONS_XML_SQL] = str_replace("NOT NULL", "NULL", $this->modules[$rel[0]]->fields[$field][CONS_XML_SQL]);
}
} else {
if ($x == 0) {
$nome = $field;
# first key keeps the original name
$this->modules[$rel[0]]->fields[$field][CONS_XML_LINKTYPE] = $this->modules[$rel[2]]->fields[$chave][CONS_XML_TIPO] != CONS_TIPO_LINK ? $this->modules[$rel[2]]->fields[$chave][CONS_XML_TIPO] : CONS_TIPO_INT;
} else {
$nome = $field . "_" . str_replace("id_", "", $chave);
}
# creates a composition with the model name and the foreign name
$this->modules[$rel[0]]->fields[$nome][CONS_XML_SQL] = str_replace("AUTO_INCREMENT", "", $this->modules[$rel[2]]->fields[$chave][CONS_XML_SQL]);
$this->modules[$rel[0]]->fields[$nome][CONS_XML_TIPO] = $x == 0 ? CONS_TIPO_LINK : $this->modules[$rel[2]]->fields[$chave][CONS_XML_TIPO];
$this->modules[$rel[0]]->fields[$nome][CONS_XML_MODULE] = isset($this->modules[$rel[2]]->fields[$chave][CONS_XML_MODULE]) ? $this->modules[$rel[2]]->fields[$chave][CONS_XML_MODULE] : $rel[2];
if (isset($this->modules[$rel[0]]->fields[$field][CONS_XML_JOIN]) && $this->modules[$rel[0]]->fields[$field][CONS_XML_JOIN] == "inner" || isset($this->modules[$rel[0]]->fields[$nome][CONS_XML_MANDATORY])) {
$this->modules[$rel[0]]->fields[$nome][CONS_XML_MANDATORY] = true;
if ($x == 0) {
$this->modules[$rel[0]]->fields[$nome][CONS_XML_JOIN] = "inner";
}
} else {
if ($x == 0) {
$this->modules[$rel[0]]->fields[$nome][CONS_XML_JOIN] = "left";
}
unset($this->modules[$rel[0]]->fields[$nome][CONS_XML_MANDATORY]);
$this->modules[$rel[0]]->fields[$nome][CONS_XML_SQL] = str_replace("NOT NULL", "NULL", $this->modules[$rel[0]]->fields[$nome][CONS_XML_SQL]);
}
}
} else {
# serialized
if ($chave == "id") {
# uses the name that came in the XML model
if (!isset($this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$field])) {
$this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$field] = array();
}
$this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$field][CONS_XML_SQL] = str_replace("AUTO_INCREMENT", "", $this->modules[$rel[2]]->fields[$chave][CONS_XML_SQL]);
$this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$field][CONS_XML_TIPO] = CONS_TIPO_LINK;
$this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$field][CONS_XML_LINKTYPE] = $this->modules[$rel[2]]->fields[$chave][CONS_XML_TIPO] != CONS_TIPO_LINK ? $this->modules[$rel[2]]->fields[$chave][CONS_XML_TIPO] : CONS_TIPO_INT;
$this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$field][CONS_XML_MODULE] = $rel[2];
# serialized links cannot be "inner"
$this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$field][CONS_XML_JOIN] = "left";
if (isset($this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$field][CONS_XML_MANDATORY])) {
$this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$field][CONS_XML_MANDATORY] = true;
} else {
$this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$field][CONS_XML_SQL] = str_replace("NOT NULL", "NULL", $this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$field][CONS_XML_SQL]);
}
} else {
if ($x == 0) {
$nome = $field;
# first key keeps the original name
$this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$field][CONS_XML_LINKTYPE] = $this->modules[$rel[2]]->fields[$chave][CONS_XML_TIPO] != CONS_TIPO_LINK ? $this->modules[$rel[2]]->fields[$chave][CONS_XML_TIPO] : CONS_TIPO_INT;
} else {
$nome = $field . "_" . str_replace("id_", "", $chave);
}
# creates a composition with the model name and the foreign name
$this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$nome][CONS_XML_SQL] = str_replace("AUTO_INCREMENT", "", $this->modules[$rel[2]]->fields[$chave][CONS_XML_SQL]);
$this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$nome][CONS_XML_TIPO] = $x == 0 ? CONS_TIPO_LINK : $this->modules[$rel[2]]->fields[$chave][CONS_XML_TIPO];
$this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$nome][CONS_XML_MODULE] = isset($this->modules[$rel[2]]->fields[$chave][CONS_XML_MODULE]) ? $this->modules[$rel[2]]->fields[$chave][CONS_XML_MODULE] : $rel[2];
# serialized links cannot be "inner"
$this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$nome][CONS_XML_JOIN] = "left";
if (isset($this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$nome][CONS_XML_MANDATORY])) {
$this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$nome][CONS_XML_MANDATORY] = true;
} else {
$this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$nome][CONS_XML_SQL] = str_replace("NOT NULL", "NULL", $this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$nome][CONS_XML_SQL]);
}
}
}
# sfield?
}
}
# secondary (multikey)?
}
# foreach
unset($x);
unset($chave);
if (!isset($this->modules[$rel[0]]->fields[$field][CONS_XML_SQL])) {
array_push($this->log, "Error (pass 2) trying to build foreing keys from " . $rel[0] . " to " . $rel[2] . " at " . $field . ": ignoring relation");
}
}
}
# foreach for relations
// now some automatic settings since all modules are loaded, and consistency check on build, partOf, etc ---------------------
$cacheLinkNum = array();
// module => modules which link to this
foreach ($this->modules as $mname => &$module) {
$links = 0;
$fieldsRequiredToLinks = 0;
foreach ($module->fields as $name => $field) {
// check for linker modules
if ($field[CONS_XML_TIPO] == CONS_TIPO_LINK && $field[CONS_XML_MODULE] != $mname) {
// links to OTHER link not myself
$links++;
# do not count PARENTS as links
$fieldsRequiredToLinks += count($this->modules[$field[CONS_XML_MODULE]]->keys);
# a module can have more than one key, thus to know if this module is a linker module, we need to check if ALL THIS HAVE are the keys for 2 modules
// vc links that have no case specified, force to upper
if ($field[CONS_XML_TIPO] == CONS_TIPO_LINK && $field[CONS_XML_LINKTYPE] == CONS_TIPO_VC && !isset($field[CONS_XML_SPECIAL])) {
$this->modules[$mname]->fields[$name][CONS_XML_SPECIAL] = "ucase";
}
}
if (isset($field[CONS_XML_FILTEREDBY])) {
foreach ($field[CONS_XML_FILTEREDBY] as $fbname) {
if (!isset($module->fields[$fbname])) {
$this->log[] = "Error on filteredby for {$mname}.{$name}: {$fbname} does not exist";
} else {
if (!isset($this->modules[$module->fields[$fbname][CONS_XML_MODULE]])) {
$this->log[] = "Error on filteredby for {$mname}.{$name}: module defined in {$fbname} does not exist";
}
}
}
}
}
if ($links == 2 && count($module->fields) == $fieldsRequiredToLinks || $this->modules[$mname]->linker) {
# this is a linker module!
$this->modules[$mname]->linker = true;
}
if ($this->modules[$mname]->title == "" && !$this->modules[$mname]->options[CONS_MODULE_SYSTEM] && !$this->modules[$mname]->linker) {
$this->modules[$mname]->title = $this->modules[$mname]->keys[0];
// first key
}
}
# here we finished the automatic settings
# load plugins that are defined by METADATA
foreach ($this->modules as $name => &$module) {
foreach ($module->plugins as $sname) {
if (!isset($this->loadedPlugins[$sname])) {
$this->addPlugin($sname, $name);
} else {
$this->loadedPlugins[$sname]->moduleRelation = $name;
}
}
}
foreach ($this->loadedPlugins as $sname => $obj) {
if ($obj->name == '' || $obj->name != $sname) {
$this->errorControl->raise(9, $obj->name, $sname);
}
}
# DIE FREAKING THUMBS.DB, DIE!
function dieFreakingThumbs($folder)
{
if ($folder[strlen($folder) - 1] != '/') {
$folder .= "/";
}
foreach (glob($folder . "*") as $file) {
if (is_dir($file)) {
dieFreakingThumbs($file);
} else {
$arf = explode(".", $file);
if (array_pop($arf) == 'db') {
@unlink($file);
}
}
}
}
dieFreakingThumbs(CONS_PATH_PAGES . $_SESSION['CODE'] . "/");
$customxml = is_file(CONS_PATH_PAGES . $_SESSION["CODE"] . "/_config/custom.xml") ? cReadFile(CONS_PATH_PAGES . $_SESSION["CODE"] . "/_config/custom.xml") : '';
# All plugins are loaded, check their manifest and customs
foreach ($this->loadedPlugins as $sname => $plugin) {
if (is_file(CONS_PATH_SYSTEM . "plugins/{$sname}/payloadmanifest.php")) {
$copyFiles = (include CONS_PATH_SYSTEM . "plugins/{$sname}/payloadmanifest.php");
foreach ($copyFiles as $from => $to) {
if ($from[strlen($from) - 1] == "/" && is_dir($from) && (!is_dir($to) || !CONS_ONSERVER && isset($_REQUEST['nocache']))) {
// FOLDER
if (!function_exists('recursive_copy')) {
include_once CONS_PATH_INCLUDE . "recursive_copy.php";
}
recursive_copy($from, $to);
} else {
if (is_file($from) && (!is_file($to) || !CONS_ONSERVER && isset($_REQUEST['nocache']))) {
// FILE
$path = explode("/", $to);
array_pop($path);
// bye file
$path = implode("/", $path);
makeDirs($path);
copy($from, $to);
}
}
}
}
if (is_file(CONS_PATH_SYSTEM . "plugins/{$sname}/custom.xml")) {
$customxml .= cReadFile(CONS_PATH_SYSTEM . "plugins/{$sname}/custom.xml");
}
}
# Read custom metadata for dimconfig
if ($customxml != '') {
$parseXMLparams = array(C_XML_RAW => true, C_XML_AUTOPARSE => true, C_XML_REMOVECOMMENTS => true);
$xml = new xmlHandler();
$customxml = $xml->parseXML($customxml, $parseXMLparams, true);
if ($customxml === false) {
$this->errorControl->raise(180);
}
unset($xml);
$customxml =& $customxml->getbranch(0);
$total = $customxml->total();
$dimconfigMD = array();
// MetaData -------------------------------------
for ($c = 0; $c < $total; $c++) {
# for each module ...
$thisbranch =& $customxml->getbranch($c);
$configname = strtolower($thisbranch->data[0]);
if (!isset($this->dimconfig[$configname])) {
$this->dimconfig[$configname] = '';
}
$dimconfigMD = $this->processParameters($thisbranch, $dimconfigMD, '');
}
foreach ($dimconfigMD as $name => $field) {
if ($field[CONS_XML_TIPO] == CONS_TIPO_UPLOAD && (!isset($field['location']) || $field['location'][0] == '/')) {
$this->errorControl->raise(181, $name, 'dimconfig');
}
if ($field[CONS_XML_TIPO] != CONS_TIPO_ENUM) {
unset($dimconfigMD[$name][CONS_XML_SQL]);
}
}
cWriteFile(CONS_PATH_CACHE . $_SESSION['CODE'] . "/meta/_dimconfig.dat", serialize($dimconfigMD));
// this defines the type of each item on dimconfig
}
# Apply and raise metadata
$this->applyMetaData();
# no log = no error
return $sucess = count($this->log) == 0;
}
$stateorprovince = $stateorprovinceA[1];
$cityname = $citynameA[1];
$orginizationname = $orginizationnameA[1];
$orginizationdepartment = $orginizationdepartmentA[1];
$commonname = $commonnameA[1];
if ($_POST) {
/* Grab posted variables and create a new openssl.cnf */
$countrycode = $_POST['countrycode'];
$stateorprovince = $_POST['stateorprovince'];
$cityname = $_POST['cityname'];
$orginizationname = $_POST['orginizationname'];
$orginizationdepartment = $_POST['orginizationdepartment'];
$commonname = $_POST['commonname'];
/* Write out /usr/local/ssl/openssl.cnf */
conf_mount_rw();
safe_mkdir("/var/etc/ssl/");
$fd = fopen("/usr/local/ssl/openssl.cnf", "w");
fwrite($fd, "");
fwrite($fd, "[ req ]\n");
fwrite($fd, "distinguished_name=req_distinguished_name \n");
fwrite($fd, "req_extensions = v3_req \n");
fwrite($fd, "prompt=no\n");
fwrite($fd, "default_bits = 1024\n");
fwrite($fd, "default_keyfile = privkey.pem\n");
fwrite($fd, "distinguished_name = req_distinguished_name\n");
fwrite($fd, "attributes = req_attributes\n");
fwrite($fd, "x509_extensions = v3_ca # The extentions to add to the self signed cert\n");
fwrite($fd, "[ req_distinguished_name ] \n");
fwrite($fd, "C=" . $countrycode . " \n");
fwrite($fd, "ST=" . $stateorprovince . " \n");
fwrite($fd, "L=" . $cityname . " \n");
update_output_window(gettext("Please wait while Snort interface files are updated..."));
}
// Make sure the interface subdirectory and required sub-directories exists.
// We need to re-create them during a pkg reinstall for the intial rules set
// download and configuration done as part of restoring saved settings.
if (!is_dir("{$snortdir}/snort_{$value['uuid']}_{$if_real}")) {
safe_mkdir("{$snortdir}/snort_{$value['uuid']}_{$if_real}");
}
if (!is_dir("{$snortdir}/snort_{$value['uuid']}_{$if_real}/rules")) {
safe_mkdir("{$snortdir}/snort_{$value['uuid']}_{$if_real}/rules");
}
if (!is_dir("{$snortdir}/snort_{$value['uuid']}_{$if_real}/preproc_rules")) {
safe_mkdir("{$snortdir}/snort_{$value['uuid']}_{$if_real}/preproc_rules");
}
if (!is_dir("{$snortdir}/snort_{$value['uuid']}_{$if_real}/snort_dynamicpreprocessor")) {
safe_mkdir("{$snortdir}/snort_{$value['uuid']}_{$if_real}/snort_dynamicpreprocessor");
}
snort_apply_customizations($value, $if_real);
/* Log a message in Update Log if protecting customized preprocessor rules. */
$tmp = "\t" . $tmp . "\n";
if ($value['protect_preproc_rules'] == 'on') {
$tmp .= gettext("\tPreprocessor text rules flagged as protected and not updated for ");
$tmp .= convert_friendly_interface_to_friendly_descr($value['interface']) . "...\n";
}
error_log($tmp, 3, SNORT_RULES_UPD_LOGFILE);
}
} else {
if ($pkg_interface != "console") {
update_output_window(gettext("Warning: No interfaces configured for Snort were found..."));
update_output_window(gettext("No interfaces currently have Snort configured and enabled on them..."));
}
if (isset($_REQUEST['haveinfo'])) {
if (isset($_REQUEST['makedir'])) {
$core->storage['dir'] = '/';
$theDir = trim($_REQUEST['makedir']);
if ($theDir != "" && $theDir[strlen($theDir) - 1] == "/") {
$theDir = substr($theDir, 0, -1);
}
$theDir = explode("/", $theDir);
$coreDir = removeSimbols(array_pop($theDir), false, true);
$theDir = implode("/", $theDir);
// parent
if (is_dir(CONS_FMANAGER . $theDir)) {
$core->storage['dir'] = $theDir;
$theDir .= "/" . $coreDir;
if ($this->canEdit($theDir)) {
if (safe_mkdir(CONS_FMANAGER . $theDir)) {
$core->log[] = "Folder " . $theDir . " created";
$core->errorControl->raise(506, "Created {$theDir}", "fmanager");
$core->storage['error'] = $core->langOut("create_folder_ok");
$core->storage['dir'] = $theDir;
} else {
$core->logaction(CONS_ACTION_INCLUDE, $fm, false, false);
$core->storage['error'] = $core->langOut("create_folder_error");
}
} else {
$core->storage['error'] = $core->langOut("create_folder_pd");
}
} else {
$core->storage['error'] = $core->langOut("create_folder_error_pnf");
}
} else {
function pfblockerng_uc_countries()
{
global $g, $pfb;
$maxmind_cont = "{$pfb['geoipshare']}/country_continent.csv";
$maxmind_cc4 = "{$pfb['geoipshare']}/GeoIPCountryWhois.csv";
$maxmind_cc6 = "{$pfb['geoipshare']}/GeoIPv6.csv";
// Create folders if not exist
$folder_array = array("{$pfb['dbdir']}", "{$pfb['logdir']}", "{$pfb['ccdir']}");
foreach ($folder_array as $folder) {
safe_mkdir("{$folder}", 0755);
}
$now = date('m/d/y G:i:s', time());
$log = "Country code update Start [ NOW ]\n";
if (!$g['pfblockerng_install']) {
print "Country code update Start [ {$now} ]\n";
}
pfb_logger("{$log}", 3);
if (!file_exists($maxmind_cont) || !file_exists($maxmind_cc4) || !file_exists($maxmind_cc6)) {
$log = " [ MAXMIND UPDATE FAIL, CSV missing, using previous Country code database \n";
if (!$g['pfblockerng_install']) {
print $log;
}
pfb_logger("{$log}", 3);
return;
}
// Save Date/Time stamp to MaxMind version file
$local_tds4 = @gmdate('D, d M Y H:i:s T', @filemtime($maxmind_cc4));
$local_tds6 = @gmdate('D, d M Y H:i:s T', @filemtime($maxmind_cc6));
$maxmind_ver = "MaxMind GeoLite Date/Time Stamps\n";
$maxmind_ver .= "Local_v4 \tLast-Modified: {$local_tds4}\n";
$maxmind_ver .= "Local_v6 \tLast-Modified: {$local_tds6}\n";
@file_put_contents("{$pfb['logdir']}/maxmind_ver", $maxmind_ver, LOCK_EX);
// Collect ISO codes for each Continent
$log = " Processing Continent Data\n";
if (!$g['pfblockerng_install']) {
print $log;
}
pfb_logger("{$log}", 3);
$cont_array = array();
if (($handle = fopen("{$maxmind_cont}", 'r')) !== FALSE) {
while (($cc = fgetcsv($handle)) !== FALSE) {
$cc_key = $cc[0];
$cont_key = $cc[1];
switch ($cont_key) {
case 'AF':
$cont_array[0]['continent'] = 'Africa';
$cont_array[0]['iso'] .= "{$cc_key},";
$cont_array[0]['file4'] = "{$pfb['ccdir']}/Africa_v4.txt";
$cont_array[0]['file6'] = "{$pfb['ccdir']}/Africa_v6.txt";
break;
case 'AS':
$cont_array[1]['continent'] = 'Asia';
$cont_array[1]['iso'] .= "{$cc_key},";
$cont_array[1]['file4'] = "{$pfb['ccdir']}/Asia_v4.txt";
$cont_array[1]['file6'] = "{$pfb['ccdir']}/Asia_v6.txt";
break;
case 'EU':
$cont_array[2]['continent'] = 'Europe';
$cont_array[2]['iso'] .= "{$cc_key},";
$cont_array[2]['file4'] = "{$pfb['ccdir']}/Europe_v4.txt";
$cont_array[2]['file6'] = "{$pfb['ccdir']}/Europe_v6.txt";
break;
case 'NA':
$cont_array[3]['continent'] = 'North America';
$cont_array[3]['iso'] .= "{$cc_key},";
$cont_array[3]['file4'] = "{$pfb['ccdir']}/North_America_v4.txt";
$cont_array[3]['file6'] = "{$pfb['ccdir']}/North_America_v6.txt";
break;
case 'OC':
$cont_array[4]['continent'] = 'Oceania';
$cont_array[4]['iso'] .= "{$cc_key},";
$cont_array[4]['file4'] = "{$pfb['ccdir']}/Oceania_v4.txt";
$cont_array[4]['file6'] = "{$pfb['ccdir']}/Oceania_v6.txt";
break;
case 'SA':
$cont_array[5]['continent'] = 'South America';
$cont_array[5]['iso'] .= "{$cc_key},";
$cont_array[5]['file4'] = "{$pfb['ccdir']}/South_America_v4.txt";
$cont_array[5]['file6'] = "{$pfb['ccdir']}/South_America_v6.txt";
break;
}
}
}
unset($cc);
fclose($handle);
// Add Maxmind Anonymous Proxy and Satellite Providers to array
$cont_array[6]['continent'] = 'Proxy and Satellite';
$cont_array[6]['iso'] = 'A1,A2';
$cont_array[6]['file4'] = "{$pfb['ccdir']}/Proxy_Satellite_v4.txt";
$cont_array[6]['file6'] = "{$pfb['ccdir']}/Proxy_Satellite_v6.txt";
sort($cont_array);
// Collect Country ISO data and sort to Continent arrays (IPv4 and IPv6)
foreach (array('4', '6') as $type) {
$log = " Processing ISO IPv{$type} Continent/Country Data\n";
if (!$g['pfblockerng_install']) {
print $log;
}
pfb_logger("{$log}", 3);
if ($type == '4') {
$maxmind_cc = "{$pfb['geoipshare']}/GeoIPCountryWhois.csv";
} else {
$maxmind_cc = "{$pfb['geoipshare']}/GeoIPv6.csv";
}
$iptype = "ip{$type}";
$filetype = "file{$type}";
if (($handle = fopen("{$maxmind_cc}", 'r')) !== FALSE) {
while (($cc = fgetcsv($handle)) !== FALSE) {
$cc_key = $cc[4];
$country_key = $cc[5];
$a_cidr = implode(',', ip_range_to_subnet_array_temp($cc[0], $cc[1]));
foreach ($cont_array as $key => $iso) {
if (strpos($iso['iso'], $cc_key) !== FALSE) {
$cont_array[$key][$cc_key][$iptype] .= "{$a_cidr},";
$cont_array[$key][$cc_key]['country'] = $country_key;
continue;
}
}
}
}
unset($cc);
fclose($handle);
// Build Continent files
foreach ($cont_array as $key => $iso) {
$header = $pfb_file = $iso_key = '';
$header .= '# Generated from MaxMind Inc. on: ' . date('m/d/y G:i:s', time()) . "\n";
$header .= "# Continent IPv{$type}: {$cont_array[$key]['continent']}\n";
$pfb_file = $cont_array[$key][$filetype];
$iso_key = array_keys($iso);
foreach ($iso_key as $ikey) {
if (strlen($ikey) == 2) {
$header .= "# Country: {$iso[$ikey]['country']}\n";
$header .= "# ISO Code: {$ikey}\n";
$header .= '# Total Networks: ' . substr_count($iso[$ikey][$iptype], ',') . "\n";
$header .= str_replace(',', "\n", $iso[$ikey][$iptype]);
$iso[$ikey][$iptype] = '';
}
}
@file_put_contents($pfb_file, $header, LOCK_EX);
}
}
}
function raise($errCode, $parameter = "", $module = "", $extended = "")
{
if (!CONS_ONSERVER && $errCode == 1000) {
return;
}
# this will happen every single hit on development mode
if ($this->errorCount == CONS_MAX_ERRORS) {
$errCode = 178;
}
// abort (gracefully)
if ($this->errorCount > CONS_MAX_ERRORS) {
die("178 too many errors, error during error report found");
}
#-- quickly set the fatal error flag
if (!isset($this->ERRORS[$errCode])) {
$parameter = $errCode;
$errCode = 603;
}
if (!is_dir(CONS_PATH_LOGS)) {
safe_mkdir(CONS_PATH_LOGS);
}
if (($this->ERRORS[$errCode] == CONS_ERROR_FATAL_MAIL || $this->ERRORS[$errCode] == CONS_ERROR_NOTIFYMAIL) && !CONS_ONSERVER) {
if (isMail(CONS_MASTERMAIL)) {
@mail(CONS_MASTERMAIL, "Fatal error at " . (isset($_SESSION['CODE']) ? $_SESSION['CODE'] : "Unknown domain") . " err {$errCode}", "Data: {$parameter}\nModule:{$module}", CONS_MASTERMAIL);
}
}
#-- 404 errors ...
if ($errCode == 103 || $errCode == 114 || $errCode == 166 || $errCode == 171) {
$fd = fopen(CONS_PATH_LOGS . $_SESSION['CODE'] . "/404.log", "a");
if ($fd) {
fwrite($fd, date("Y-m-d H:i:s") . " e{$errCode} " . $this->parent->context_str . $this->parent->action . " (" . $this->parent->original_action . ") referer=" . (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : "-") . "\n");
fclose($fd);
return;
} else {
$errCode = 179;
$parameter = $this->parent->context_str . $this->parent->action;
}
}
#-- ok normal errors ...
if (is_object($module)) {
$module = $module->name;
}
$showToUser = CONS_DEVELOPER || $this->ERRORS[$errCode] == CONS_ERROR_NOTICE_SHOW || $this->ERRORS[$errCode] == CONS_ERROR_WARNING_SHOW || $this->ERRORS[$errCode] == CONS_ERROR_ERROR_SHOW || $this->ERRORS[$errCode] == CONS_ERROR_SEC_SHOW || $this->ERRORS[$errCode] == CONS_ERROR_NOTICESTOP || $this->ERRORS[$errCode] == CONS_ERROR_MESSAGE;
$lowLog = $this->ERRORS[$errCode] == CONS_ERROR_NOTICE || $this->ERRORS[$errCode] == CONS_ERROR_WARNING || $this->ERRORS[$errCode] == CONS_ERROR_WARNING_SHOW;
$securityLog = $this->ERRORS[$errCode] == CONS_ERROR_SEC || $this->ERRORS[$errCode] == CONS_ERROR_SEC_SHOW;
$highLog = $this->ERRORS[$errCode] == CONS_ERROR_ERROR || $this->ERRORS[$errCode] == CONS_ERROR_ERROR_SHOW || $this->ERRORS[$errCode] == CONS_ERROR_FATAL || $this->ERRORS[$errCode] == CONS_ERROR_NOTIFYMAIL;
$actionLog = $this->ERRORS[$errCode] < CONS_ERROR_WARNING && ($errCode >= 300 && $errCode < 400);
$stopScript = $this->ERRORS[$errCode] == CONS_ERROR_FATAL || $this->ERRORS[$errCode] == CONS_ERROR_FATAL_NOLOG || $this->ERRORS[$errCode] == CONS_ERROR_NOTICESTOP || $this->ERRORS[$errCode] == CONS_ERROR_FATAL_MAIL;
$storeInWarning = $this->ERRORS[$errCode] != CONS_ERROR_MESSAGE;
$redWarning = $this->ERRORS[$errCode] != CONS_ERROR_MESSAGE && $this->ERRORS[$errCode] != CONS_ERROR_NOTICE_SHOW && $this->ERRORS[$errCode] != CONS_ERROR_NOTICE && !$actionLog;
# These are logs that, once displayed to the users, should be in red (actual errors)
if (!$actionLog) {
$this->errorCount++;
}
#--
$errstr = $this->parent->langOut('e' . $errCode) . " (e{$errCode}) {$module} {$parameter} {$extended}";
$errstrfull = $errCode . "|" . $module . "|" . $parameter . "|" . $extended . "|" . implode("|", $this->parent->log);
# Error file:
# date|client|uri|errCode|module|parameters|extended parameters|log[|...]
# Action file:
# YmdHismodule|parameter|extended parameters
$status = date("d/m/Y H:i:s") . "|" . (isset($_SESSION['CODE']) ? $_SESSION['CODE'] : '?') . "|" . $_SERVER['REQUEST_URI'];
if ($showToUser) {
$this->parent->setLog($redWarning ? $highLog || $stopScript ? CONS_LOGGING_ERROR : CONS_LOGGING_WARNING : ($errCode == 300 ? CONS_LOGGING_SUCCESS : CONS_LOGGING_NOTICE), $errstr);
}
if ($storeInWarning) {
$this->parent->warning[] = $errstr;
}
if ($lowLog || $securityLog || $highLog) {
if (isset($_SESSION['CODE'])) {
if (isset($_SESSION['CODE']) && !is_dir(CONS_PATH_LOGS . $_SESSION['CODE'] . "/")) {
safe_mkdir(CONS_PATH_LOGS . $_SESSION['CODE'] . "/");
}
if (!is_file(CONS_PATH_LOGS . $_SESSION['CODE'] . "/err" . date("Ymd") . ".log") || filesize(CONS_PATH_LOGS . $_SESSION['CODE'] . "/err" . date("Ymd") . ".log") < CONS_MAX_LOGFILESIZE) {
$fd = fopen(CONS_PATH_LOGS . $_SESSION['CODE'] . "/err" . date("Ymd") . ".log", "a");
if ($fd) {
fwrite($fd, $status . "|" . $errstrfull . "\n");
fclose($fd);
}
}
if ($highLog) {
if (isset($this->parent->dimconfig['_cronD']) && $this->parent->dimconfig['_cronD'] == date("d")) {
$this->parent->dimconfig['_errcontrol'] = isset($this->parent->dimconfig['_errcontrol']) ? $this->parent->dimconfig['_errcontrol'] + 1 : 1;
} else {
$this->parent->dimconfig['_errcontrol'] = 1;
}
$this->parent->saveConfig(true);
}
}
# centralized log (the framework supports multiple domains, this log is a single log for all domains)
if ($highLog && (!is_file(CONS_PATH_LOGS . "err" . date("Ymd") . ".log") || filesize(CONS_PATH_LOGS . "err" . date("Ymd") . ".log") < CONS_MAX_LOGFILESIZE)) {
$fd = fopen(CONS_PATH_LOGS . "err" . date("Ymd") . ".log", "a");
if ($fd) {
fwrite($fd, $status . "|" . $errstrfull . "\n");
fclose($fd);
}
}
}
if ($actionLog && !CONS_ECONOMICMODE) {
if (isset($_SESSION['CODE']) && !is_dir(CONS_PATH_LOGS . $_SESSION['CODE'] . "/")) {
safe_mkdir(CONS_PATH_LOGS . $_SESSION['CODE'] . "/");
}
$fd = fopen(CONS_PATH_LOGS . $_SESSION['CODE'] . "/act" . date("Ymd") . ".log", "a");
if ($fd) {
if ($errCode >= 301 && $errCode <= 305) {
$parameter = "e" . $errCode;
fwrite($fd, date("YmdHis") . $module . "|{$parameter}|{$extended}|{$extended}" . "\n");
} else {
$parameter = $parameter == CONS_ACTION_INCLUDE ? "include" : ($parameter == CONS_ACTION_UPDATE ? "edit" : ($parameter == CONS_ACTION_DELETE ? "delete" : $parameter));
fwrite($fd, date("YmdHis") . $module . "|{$parameter}|{$extended}|" . ($this->parent->logged() ? $_SESSION[CONS_SESSION_ACCESS_USER]['login'] : "******") . "\n");
}
fclose($fd);
}
}
if ($stopScript) {
$this->parent->headerControl->showHeaders('500', true);
echo "<div style='border:1px solid #FFCCCC;padding:10px;margin:20px;'>\n\t\t\t\t<b>{$parameter}</b> ({$errCode})\n\t\t\t \t<div style='border-top: 1px solid #CCCCCC;'>" . nl2br($this->errorToMessage($errCode, $parameter, $module, $extended)) . "</div>" . "<div style='border-top: 1px solid #CCCCCC;'>SystemLog:<br/><div style='font-size:10px'>" . implode("<br/>", $this->parent->log) . "</div></div>" . ($this->parent->debugmode ? "<div style='border-top: 1px solid #CCCCCC;'>DBLog:<br/><div style='font-size:10px'>" . implode("<br/>", $this->parent->dbo->log) . "</div></div>" : "") . ($this->parent->offlineMode ? "<div style='border-top: 1px solid #CCCCCC;'>DB DOWN</div>" : "") . "</div>Prescia";
$this->parent->close(true);
}
}
killbyname("barnyard2");
sleep(2);
// Delete any leftover barnyard2 PID files in /var/run
unlink_if_exists("{$g['varrun_path']}/barnyard2_*.pid");
}
// Set flag for post-install in progress
$g['suricata_postinstall'] = true;
// Mount file system read/write so we can modify some files
conf_mount_rw();
// Remove any previously installed script since we rebuild it
unlink_if_exists("{$rcdir}suricata.sh");
// Create the top-tier log directory
safe_mkdir(SURICATALOGDIR);
// Create the IP Rep and SID Mods lists directory
safe_mkdir(SURICATA_SID_MODS_PATH);
safe_mkdir(SURICATA_IPREP_PATH);
// Make sure config variable is an array
if (!is_array($config['installedpackages']['suricata']['config'][0])) {
$config['installedpackages']['suricata']['config'][0] = array();
}
// Download the latest GeoIP DB updates and create cron task if the feature is not disabled
if ($config['installedpackages']['suricata']['config'][0]['autogeoipupdate'] != 'off') {
log_error(gettext("[Suricata] Installing free GeoIP country database files..."));
include "/usr/local/pkg/suricata/suricata_geoipupdate.php";
install_cron_job("/usr/bin/nice -n20 /usr/local/bin/php -f /usr/local/pkg/suricata/suricata_geoipupdate.php", TRUE, 0, 0, 8, "*", "*", "root");
}
// Download the latest ET IQRisk updates and create cron task if the feature is not disabled
if ($config['installedpackages']['suricata']['config'][0]['et_iqrisk_enable'] == 'on') {
log_error(gettext("[Suricata] Installing Emerging Threats IQRisk IP List..."));
include "/usr/local/pkg/suricata/suricata_etiqrisk_update.php";
install_cron_job("/usr/bin/nice -n20 /usr/local/bin/php -f /usr/local/pkg/suricata/suricata_etiqrisk_update.php", TRUE, 0, "*/6", "*", "*", "*", "root");
?>
<p>
<textarea cols="55" rows="1" name="status" id="status" wrap="hard">One moment please... This will take a while!</textarea>
<textarea cols="55" rows="25" name="output" id="output" wrap="hard"></textarea>
</form>
<?php
include "fend.inc";
?>
</body>
</html>
<?php
echo "<script language=\"JavaScript\">document.forms[0].status.value=\"Creating CA...\";</script>";
mwexec("rm -rf /tmp/*");
//mwexec("rm -rf /tmp/newcerts");
safe_mkdir("/tmp/newcerts", 0755);
touch("/tmp/index.txt");
$fd = fopen("/tmp/serial", "w");
fwrite($fd, "01\n");
fclose($fd);
/*
mkdir /tmp/newcerts
touch /tmp/index.txt
echo 01 > serial
#Create The Certificate Authority Root Certificate
cd /tmp/ && openssl req -nodes -new -x509 -keyout cakey.pem -out cacert.pem -config /etc/ssl/openssl.cnf
#Create User Certificates
cd /tmp/ && openssl req -nodes -new -keyout vpnkey.pem -out vpncert-req.pem -config /etc/ssl/openssl.cnf
mkdir /tmp/newcerts
openssl ca -out vpncert.pem -in vpncert-req.pem -batch
private function sqlParameter($isADD, &$data, $name, &$field, &$EnumPrunecache, $isSerialized = false, $kA = '', $wS = '')
{
$output = false;
$encapsulation = $isSerialized ? '' : '"';
switch ($field[CONS_XML_TIPO]) {
case CONS_TIPO_INT:
if (isset($data[$name]) && $data[$name] !== "" && is_numeric($data[$name])) {
$output = $data[$name];
} else {
if ($isADD && isset($field[CONS_XML_DEFAULT])) {
$output = $field[CONS_XML_DEFAULT];
}
}
break;
case CONS_TIPO_LINK:
if ($field[CONS_XML_LINKTYPE] == CONS_TIPO_INT || $field[CONS_XML_LINKTYPE] == CONS_TIPO_FLOAT) {
$encapsulation = '';
}
if (isset($data[$name]) && ($data[$name] !== '' && $data[$name] !== 0 || !isset($field[CONS_XML_MANDATORY]))) {
# non-mandatory links accept 0 values, otherwise 0 is not acceptable
if ((!$isADD && isset($field[CONS_XML_IGNORENEDIT]) || $isADD) && ($data[$name] === 0 || $data[$name] === '')) {
break;
} else {
if (($field[CONS_XML_LINKTYPE] == CONS_TIPO_INT || $field[CONS_XML_LINKTYPE] == CONS_TIPO_FLOAT) && ($data[$name] === '' || !is_numeric($data[$name]))) {
$data[$name] = 0;
} else {
if ($field[CONS_XML_LINKTYPE] == CONS_TIPO_VC && $data[$name] != '') {
if ($field[CONS_XML_SPECIAL] == "ucase") {
$data[$name] = strtoupper($data[$name]);
}
if ($field[CONS_XML_SPECIAL] == "lcase") {
$data[$name] = strtolower($data[$name]);
}
}
}
}
# if this is a parent, check if this won't create a cyclic parenting
if ($data[$name] !== 0 && $data[$name] !== '' && $field[CONS_XML_MODULE] == $this->name && $this->options[CONS_MODULE_PARENT] == $name) {
if (!$isADD && $data[$name] == $data[$this->keys[0]]) {
$data[$name] = 0;
$this->parent->errorControl->raise(128, $name, $this->name, "Parent=Self");
if (isset($field[CONS_XML_MANDATORY])) {
return false;
}
} else {
$antiCicle = $isADD ? array() : array($data[$this->keys[0]]);
$idP = isset($data[$name]) ? $data[$name] : 0;
if ($idP == null) {
$idP = 0;
}
while ($idP !== 0) {
$idP = $this->parent->dbo->fetch("SELECT {$name} FROM " . $this->dbname . " WHERE " . $this->keys[0] . "={$idP}");
if ($idP == NULL) {
$idP = 0;
}
if (in_array($idP, $antiCicle)) {
break;
}
// cicle!
$antiCicle[] = $idP;
}
unset($antiCicle);
if ($idP !== 0) {
# did not reach root
$this->parent->errorControl->raise(128, $name, $this->name, "Initial parent was = " . $data[$name]);
$data[$name] = 0;
if (isset($field[CONS_XML_MANDATORY])) {
return false;
}
}
}
}
$output = $encapsulation . $data[$name] . $encapsulation;
} else {
if ($isADD && isset($field[CONS_XML_DEFAULT])) {
if ($field[CONS_XML_DEFAULT] == "%UID%" && defined("CONS_AUTH_USERMODULE") && $field[CONS_XML_MODULE] == CONS_AUTH_USERMODULE && $_SESSION[CONS_SESSION_ACCESS_LEVEL] > 0 && isset($_SESSION[CONS_SESSION_ACCESS_USER]['id'])) {
$output = $encapsulation . $_SESSION[CONS_SESSION_ACCESS_USER]['id'] . $encapsulation;
} else {
if ($field[CONS_XML_DEFAULT] != "%UID%") {
$output = $encapsulation . $field[CONS_XML_DEFAULT] . $encapsulation;
}
}
}
}
break;
case CONS_TIPO_FLOAT:
if (isset($data[$name]) && $data[$name] !== "") {
$data[$name] = fv($data[$name]);
if (is_numeric($data[$name])) {
$output = str_replace(",", ".", $data[$name]);
} else {
if ($isADD && isset($field[CONS_XML_DEFAULT])) {
$output = $field[CONS_XML_DEFAULT];
}
}
} else {
if ($isADD && isset($field[CONS_XML_DEFAULT])) {
$output = $field[CONS_XML_DEFAULT];
}
}
break;
case CONS_TIPO_VC:
if (isset($data[$name])) {
if (!isset($field[CONS_XML_SPECIAL]) || $field[CONS_XML_SPECIAL] != "urla") {
if (!isset($field[CONS_XML_CUSTOM])) {
$data[$name] = cleanString($data[$name], isset($field[CONS_XML_HTML]), $_SESSION[CONS_SESSION_ACCESS_LEVEL] == 100, $this->parent->dbo);
} else {
if (!$isSerialized) {
$data[$name] = addslashes_EX($data[$name], isset($field[CONS_XML_HTML]), $this->parent->dbo);
}
}
}
if (isset($field[CONS_XML_SPECIAL])) {
if ($field[CONS_XML_SPECIAL] == "urla") {
if (!isset($data[$name]) || $data[$name] == '') {
$source = isset($field[CONS_XML_SOURCE]) ? $field[CONS_XML_SOURCE] : "{" . $this->title . "}";
$tp = new CKTemplate($this->parent->template);
$tp->tbreak($source);
$data[$name] = $tp->techo($data);
unset($tp);
}
$data[$name] = str_replace(">", "", str_replace("<", "", str_replace(""", "", str_replace("'", "", $data[$name]))));
$data[$name] = removeSimbols($data[$name], true, false, CONS_FLATTENURL);
}
if ($field[CONS_XML_SPECIAL] == "login" && $data[$name] != "") {
if (!preg_match('/^([A-Za-z0-9_\\-\\.@]){4,20}$/', $data[$name])) {
$data[$name] = "";
$this->parent->errorControl->raise(129, $name, $this->name);
break;
}
}
if ($field[CONS_XML_SPECIAL] == "mail" && $data[$name] != "") {
if (!isMail($data[$name])) {
$data[$name] = "";
$this->parent->errorControl->raise(130, $name, $this->name);
break;
}
}
if ($field[CONS_XML_SPECIAL] == "ucase" && $data[$name] != "") {
$data[$name] = strtoupper($data[$name]);
$data[$name] = addslashes_EX($data[$name], isset($field[CONS_XML_HTML]), $this->parent->dbo);
}
if ($field[CONS_XML_SPECIAL] == "lcase" && $data[$name] != "") {
$data[$name] = strtolower($data[$name]);
$data[$name] = addslashes_EX($data[$name], isset($field[CONS_XML_HTML]), $this->parent->dbo);
}
if ($field[CONS_XML_SPECIAL] == "path" && $data[$name] != "") {
if (!preg_match('/^([A-Za-z0-9_\\/\\-]*)$/', $data[$name])) {
$data[$name] = "";
$this->parent->errorControl->raise(131, $name, $this->name);
break;
}
}
if ($field[CONS_XML_SPECIAL] == "onlinevideo" && $data[$name] != "") {
if (!preg_match('/^([A-Za-z0-9_\\-]){8,20}$/', $data[$name])) {
$data[$name] = "";
$this->parent->errorControl->raise(132, $name, $this->name);
break;
}
}
if ($field[CONS_XML_SPECIAL] == "time" && $data[$name] != "") {
if (!preg_match('/^([0-9]){1,2}(:)([0-9]){1,2}$/', $data[$name])) {
$data[$name] = "";
$this->parent->errorControl->raise(133, $name, $this->name);
break;
} else {
$data[$name] = explode(":", $data[$name]);
$data[$name][0] = (strlen($data[$name][0]) == 1 ? "0" : "") . $data[$name][0];
$data[$name][1] = (strlen($data[$name][1]) == 1 ? "0" : "") . $data[$name][1];
$data[$name] = $data[$name][0] . ":" . $data[$name][1];
}
}
}
if (!$isADD && isset($field[CONS_XML_IGNORENEDIT]) && $data[$name] == "") {
break;
} else {
if ($isADD && (!isset($data[$name]) || $data[$name] == '') && isset($field[CONS_XML_DEFAULT])) {
$data[$name] = $field[CONS_XML_DEFAULT];
}
}
$output = $encapsulation . $data[$name] . $encapsulation;
}
break;
case CONS_TIPO_TEXT:
if (isset($data[$name])) {
# WYSIWYG garbage ...
if (isset($field[CONS_XML_HTML]) && !isset($field[CONS_XML_CUSTOM])) {
$data[$name] = str_replace(" ", " ", trim($data[$name]));
if (isset($field[CONS_XML_SIMPLEEDITFORCE]) && $data[$name] != '') {
if (!defined('C_XHTML_AUTOTAB')) {
include CONS_PATH_INCLUDE . "xmlHandler.php";
}
$data[$name] = parseHTML($data[$name], true);
if ($data[$name] === false) {
$this->parent->errorControl->raise(190, $name, $this->name);
$data[$name] = '';
break;
}
}
if ($this->invalidHTML($data[$name])) {
# external editors garbage that can break HTML
$this->parent->errorControl->raise(135, $name, $this->name);
}
}
if (!isset($field[CONS_XML_CUSTOM])) {
$data[$name] = cleanString($data[$name], isset($field[CONS_XML_HTML]), $_SESSION[CONS_SESSION_ACCESS_LEVEL] == 100, $this->parent->dbo);
} else {
if (!$isSerialized) {
$data[$name] = addslashes_EX($data[$name], true, $this->parent->dbo);
}
}
if (!$isADD && isset($field[CONS_XML_IGNORENEDIT]) && $data[$name] == "") {
break;
}
$output = $encapsulation . $data[$name] . $encapsulation;
} else {
if ($isADD && isset($field[CONS_XML_DEFAULT])) {
$output = $encapsulation . $field[CONS_XML_DEFAULT] . $encapsulation;
}
}
break;
case CONS_TIPO_DATETIME:
case CONS_TIPO_DATE:
if (!isset($data[$name]) || $data[$name] == '') {
if (!$isADD && isset($field[CONS_XML_UPDATESTAMP])) {
$output = "NOW()";
$data[$name] = date("Y-m-d") . ($field[CONS_XML_TIPO] == CONS_TIPO_DATETIME ? " " . date("H:i:s") : "");
// might be used by friendly url or such
break;
} else {
if ($isADD && (isset($field[CONS_XML_TIMESTAMP]) || isset($field[CONS_XML_UPDATESTAMP]))) {
$output = "NOW()";
$data[$name] = date("Y-m-d") . ($field[CONS_XML_TIPO] == CONS_TIPO_DATETIME ? " " . date("H:i:s") : "");
// might be used by friendly url or such
break;
}
}
}
if (!isset($data[$name]) && isset($data[$name . "_day"])) {
# date came into separated fields, merge them
$theDate = $this->parent->intlControl->mergeDate($data, $name . "_");
if (!$theDate == false || ($theDate == "0000-00-00" || $theDate == "0000-00-00 00:00:00") && isset($field[CONS_XML_IGNORENEDIT])) {
break;
}
# empty date can be ignored, or corrupt date
$output = $encapsulation . $theDate . $encapsulation;
} else {
# came in mySQL format or i18n fromat
if (isset($data[$name]) && $data[$name] != "") {
$data[$name] = trim($data[$name]);
$theDate = $data[$name];
$theDate = $this->parent->intlControl->dateToSql($theDate, $field[CONS_XML_TIPO] == CONS_TIPO_DATETIME);
// handles any format of human or sql date
if ($theDate === false) {
if (substr($data[$name], 0, 5) == "NOW()") {
$output = $data[$name];
$data[$name] = date("Y-m-d") . ($field[CONS_XML_TIPO] == CONS_TIPO_DATETIME ? " " . date("H:i:s") : "");
// might be used by friendly url or such
} else {
$this->parent->errorControl->raise(134, $name, $this->name);
}
} else {
$output = $encapsulation . $theDate . $encapsulation;
$data[$name] = $theDate;
// other fields might need it
}
} else {
if (isset($data[$name])) {
// blank
if (!$isADD && isset($field[CONS_XML_IGNORENEDIT])) {
break;
}
$output = isset($field[CONS_XML_MANDATORY]) && $field[CONS_XML_MANDATORY] ? $encapsulation . "0000-00-00" . ($field[CONS_XML_TIPO] == CONS_TIPO_DATETIME ? " 00:00:00" : "") . $encapsulation : 'NULL';
}
}
}
break;
case CONS_TIPO_ENUM:
if (isset($data[$name])) {
if ($data[$name] == "") {
# enum does not accept empty values, this means it's a NON-MANDATORY enum comming empty = NULL
$output = "NULL";
} else {
$data[$name] = str_replace("\"", "", str_replace("'", "", $data[$name]));
$output = $encapsulation . $data[$name] . $encapsulation;
if (isset($field[CONS_XML_AUTOPRUNE])) {
// possible prune
//$EnumPrunecache
preg_match("@ENUM \\(([^)]*)\\).*@", $field[CONS_XML_SQL], $regs);
$enums = explode(",", $regs[1]);
$pruneRecipient = "";
for ($ec = 0; $ec < count($enums); $ec++) {
if (isset($field[CONS_XML_AUTOPRUNE][$ec]) && $field[CONS_XML_AUTOPRUNE][$ec] == '*') {
$pruneRecipient = $enums[$ec];
}
}
for ($ec = 0; $ec < count($enums); $ec++) {
if ("'" . $data[$name] . "'" == $enums[$ec]) {
if (isset($field[CONS_XML_AUTOPRUNE][$ec]) && $field[CONS_XML_AUTOPRUNE][$ec] != '0' && $field[CONS_XML_AUTOPRUNE][$ec] != '*') {
$EnumPrunecache[] = array($name, $field[CONS_XML_AUTOPRUNE][$ec], $pruneRecipient);
}
break;
// for
}
}
}
}
} else {
if ($isADD && isset($field[CONS_XML_DEFAULT])) {
$output = $encapsulation . $field[CONS_XML_DEFAULT] . $encapsulation;
}
}
break;
case CONS_TIPO_OPTIONS:
# must come as a string of 0 and 1
if (isset($data[$name]) && strlen($data[$name]) >= count($field[CONS_XML_OPTIONS])) {
# test if they are all 0 and 1!
$ok = true;
for ($c = 0; $c < strlen($data[$name]); $c++) {
if ($data[$name][$c] != "0" && $data[$name][$c] != "1") {
$ok = false;
break;
}
}
if ($ok) {
$output = $encapsulation . $data[$name] . ($isADD ? '0000' : '') . $encapsulation;
}
}
break;
case CONS_TIPO_UPLOAD:
if (!$isADD) {
# upload on add happens AFTER the SQL include, so if it fails, we don't even bother processing upload
if (isset($data[$name . "_delete"]) || isset($_FILES[$name]) && $_FILES[$name]['error'] == 0) {
// delete ou update
$ids = "";
foreach ($this->keys as $key) {
$ids .= $data[$key] . "_";
}
$ids = substr($ids, 0, strlen($ids) - 1);
$this->deleteUploads($data, $name, $ids);
}
$upOk = $this->prepareUpload($name, $kA, $data);
$upvalue = $upOk == '0' ? 'y' : 'n';
if ($upOk != 0 && $upOk != 4) {
# notification for the upload (4 = nothing sent, 0 = sent and ok)
$this->parent->errorControl->raise(200 + $upOk, $upOk, $this->name, $name);
}
if ($upOk != 4) {
$output = $encapsulation . $upvalue . $encapsulation;
} else {
// no change, but take this oportunity and check if the file exists!
$upvalue = 'n';
$path = CONS_FMANAGER . $this->name . "/";
if (is_dir($path)) {
if (isset($this->fields[$name][CONS_XML_FILEPATH])) {
$path .= $this->fields[$name][CONS_XML_FILEPATH];
if ($path[strlen($path) - 1] != "/") {
$path .= "/";
}
if (!is_dir($path)) {
safe_mkdir($path);
}
}
# prepares filename with item keys
$filename = $path . $name . "_";
foreach ($this->keys as $key) {
$filename .= $data[$key] . "_";
}
$filename .= "1";
$upvalue = locateAnyFile($filename, $ext, isset($this->fields[$name][CONS_XML_FILETYPES]) ? $this->fields[$name][CONS_XML_FILETYPES] : '') ? 'y' : 'n';
}
$output = $encapsulation . $upvalue . $encapsulation;
}
}
break;
case CONS_TIPO_ARRAY:
if (isset($data[$name])) {
if (is_array($data[$name])) {
$output = $data[$name];
} else {
# came in serialized (JSON or php)
if ($data[$name][0] == '[') {
# JSON
$output = @json_decode($data[$name]);
} else {
$output = @unserialize($data[$name]);
}
# we will serialize the whole thing
if ($output === false) {
$this->parent->errorControl->raise(189, $name, $this->name);
$output = "";
}
}
}
break;
case CONS_TIPO_SERIALIZED:
if (isset($data[$name])) {
// came raw data, we store as is, YOU should serialize raw data
$data[$name] = addslashes_EX($data[$name], true);
if (isset($field[CONS_XML_IGNORENEDIT]) && $data[$name] == "") {
break;
}
$output = $encapsulation . $data[$name] . $encapsulation;
} else {
if ($this->fields[$name][CONS_XML_SERIALIZED] > 1) {
// set to WRITE or ALL
// note: we ADD fields, never replace, because we should allow partial edits, thus we need to read the original data first
$sql = "SELECT {$name} FROM " . $this->dbname . " WHERE {$wS}";
$serialized = $this->parent->dbo->fetch($sql);
if ($serialized === false) {
$serialized = array();
} else {
$serialized = @unserialize($serialized);
}
$serializedFields = 0;
foreach ($this->fields[$name][CONS_XML_SERIALIZEDMODEL] as $exname => &$exfield) {
if (isset($data[$name . "_" . $exname])) {
$outfield = $this->sqlParameter(true, $data, $name . "_" . $exname, $exfield, $EnumPrunecache, true);
if ($outfield !== false && $outfield != 'NULL') {
$serialized[$exname] = $outfield;
}
# we don't need to store NULL like in sql
}
}
$output = $encapsulation . addslashes_EX(serialize($serialized), true, $this->parent->dbo) . $encapsulation;
}
}
break;
}
# switch
return $output;
}
}
}
if ($_POST['remove']) {
exec("/sbin/pfctl -t snort2c -T flush");
header("Location: /snort/snort_blocked.php");
exit;
}
/* TODO: build a file with block ip and disc */
if ($_POST['download']) {
$blocked_ips_array_save = "";
exec('/sbin/pfctl -t snort2c -T show', $blocked_ips_array_save);
/* build the list */
if (is_array($blocked_ips_array_save) && count($blocked_ips_array_save) > 0) {
$save_date = date("Y-m-d-H-i-s");
$file_name = "snort_blocked_{$save_date}.tar.gz";
safe_mkdir("{$g['tmp_path']}/snort_blocked");
file_put_contents("{$g['tmp_path']}/snort_blocked/snort_block.pf", "");
foreach ($blocked_ips_array_save as $counter => $fileline) {
if (empty($fileline)) {
continue;
}
$fileline = trim($fileline, " \n\t");
file_put_contents("{$g['tmp_path']}/snort_blocked/snort_block.pf", "{$fileline}\n", FILE_APPEND);
}
// Create a tar gzip archive of blocked host IP addresses
exec("/usr/bin/tar -czf {$g['tmp_path']}/{$file_name} -C{$g['tmp_path']}/snort_blocked snort_block.pf");
// If we successfully created the archive, send it to the browser.
if (file_exists("{$g['tmp_path']}/{$file_name}")) {
ob_start();
//important or other posts will fail
if (isset($_SERVER['HTTPS'])) {
