/**
 * Renders the NGI collection in GocDB's proprietary XML layout.
 *
 * NOTE(review): DESCRIPTION is the only value passed through xssafe()
 * (defined outside this view) before it reaches addChild().
 * SimpleXMLElement::addChild() does not escape '&' in the value it is given,
 * so the name and e-mail fields depend on the stored data never containing
 * one - confirm against the input validation applied to NGIs.
 *
 * @return String pretty-printed XML document declared as UTF-8
 */
public function getXML()
{
    $helpers = $this->helpers;
    $root = new \SimpleXMLElement("<results />");

    foreach ($this->ngis as $ngi) {
        $ngiNode = $root->addChild('NGI');
        $ngiNode->addAttribute("NAME", $ngi->getName());

        $ngiNode->addChild("PRIMARY_KEY", $ngi->getId());
        $ngiNode->addChild("NAME", $ngi->getName());
        $ngiNode->addChild("OBJECT_ID", $ngi->getId());
        $ngiNode->addChild("DESCRIPTION", xssafe($ngi->getDescription()));

        // Contact details are written as stored.
        $ngiNode->addChild("EMAIL", $ngi->getEmail());
        $ngiNode->addChild("GGUS_SU", $ngi->getGgus_Su());
        $ngiNode->addChild("ROD_EMAIL", $ngi->getRodEmail());
        $ngiNode->addChild("HELPDESK_EMAIL", $ngi->getHelpdeskEmail());
        $ngiNode->addChild("SECURITY_EMAIL", $ngi->getSecurityEmail());

        $ngiNode->addChild("SITE_COUNT", count($ngi->getSites()));
    }

    // Move the tree into a DOMDocument so the serialised output is indented.
    $simpleRoot = dom_import_simplexml($root);
    $document = new \DOMDocument('1.0');
    $document->encoding = 'UTF-8';
    $document->appendChild($document->importNode($simpleRoot, true));
    $document->formatOutput = true;

    return $document->saveXML();
}
//There is dynamic creation of table ids here which are used to show and hide the extra services info //when clicked. This sub table by default is hidden echo '</tr>'; echo '<tr class="site_table_row_1"><td colspan="7" style="padding-left:2em">'; echo '<a href="#b' . $count . '" onclick="showHide(\'tablei_' . $count . '\');toggleMessage(\'divi_' . $count . '\');"/><div id="divi_' . $count . '">+Show Affected Services</div></a>'; echo '<table name="b' . $count . '" id="tablei_' . $count . '" style="clear: both; width: 100%; display:none;">'; echo '<tr class="site_table_row_1">'; echo '<th class="site_table">Sitename</th>'; echo '<th class="site_table">Hostname</th>'; echo '<th class="site_table">Production</th>'; echo '<th class="site_table">Monitored</th>'; foreach ($dt->getServices() as $se) { echo '<tr class="site_table_row_2">'; $sID = $se->getParentSite()->getId(); echo $td1 . '<a href="index.php?Page_Type=Site&id=' . $sID . '"/>' . xssafe($se->getParentSite()->getName()) . '</a>' . $td2; echo $td1 . '<a href="index.php?Page_Type=Service&id=' . $se->getId() . '"/>' . xssafe($se->getHostName()) . '</a>' . $td2; echo $td1 . ($se->getProduction() ? 'Yes' : 'No') . $td2; echo $td1 . ($se->getMonitored() ? 'Yes' : 'No') . $td2; echo '</tr>'; } echo '</table>'; echo '</td></tr>'; $count++; } ?> </table> </div> </div> </div>
<div class="rightPageContainer">
    <h1 class="Success">Success</h1><br />
    <?php
    // Confirmation view: names the destination site and lists every moved service.
    // Names and hostnames are escaped with xssafe()/xecho(); the ids are echoed as
    // returned by getId() - presumably numeric database keys, confirm.
    $Site = $params['NewSite'];
    ?>
    The following services have been moved to
    <a href="index.php?Page_Type=Site&id=<?php echo $Site->getId(); ?> ">
        <?php xecho($Site->getShortName()); ?>
    </a>:
    <?php
    foreach ($params['Services'] as $movedService) {
        $serviceId = $movedService->getId();
        $hostLabel = xssafe($movedService->getHostName());
        echo "<br /><a href=\"index.php?Page_Type=Service&id={$serviceId}\">{$hostLabel}</a> ";
    }
    ?>
</div>
/**
 * Renders the downtime collection in GocDB's proprietary XML layout.
 *
 * One DOWNTIME element is written per (downtime, affected service) pair.
 *
 * NOTE(review): escaping is applied field by field - URLs go through
 * htmlspecialchars(), DESCRIPTION through xssafe() (defined outside this
 * view), and the remaining values are handed to addChild() as stored.
 * SimpleXMLElement::addChild() does not escape '&', so confirm the unescaped
 * fields (site, host, service type, endpoint and interface names) cannot
 * contain one.
 *
 * @return String pretty-printed XML document declared as UTF-8
 */
public function getXML()
{
    $helpers = $this->helpers;
    $query = $this->query;
    $root = new \SimpleXMLElement("<results />");

    foreach ($this->downtimes as $downtime) {
        // The downtime is repeated once for every service it affects.
        foreach ($downtime->getServices() as $service) {
            $dtNode = $root->addChild('DOWNTIME');
            $dtNode->addAttribute("ID", $downtime->getId());
            // The v4 primary keys are preserved here.
            $dtNode->addAttribute("PRIMARY_KEY", $downtime->getPrimaryKey());
            $dtNode->addAttribute("CLASSIFICATION", $downtime->getClassification());

            $dtNode->addChild("PRIMARY_KEY", $downtime->getPrimaryKey());
            $dtNode->addChild("SITENAME", $service->getParentSite()->getShortName());
            $dtNode->addChild("HOSTNAME", $service->getHostName());
            $dtNode->addChild("SERVICE_TYPE", $service->getServiceType()->getName());
            $dtNode->addChild("HOSTED_BY", $service->getParentSite()->getShortName());

            // The '&' in the query string has to be entity-encoded before addChild().
            $dtNode->addChild(
                'GOCDB_PORTAL_URL',
                htmlspecialchars('#GOCDB_BASE_PORTAL_URL#/index.php?Page_Type=Downtime&id=' . $downtime->getId())
            );

            $endpointsNode = $dtNode->addChild('AFFECTED_ENDPOINTS');
            if ($this->renderMultipleEndpoints) {
                foreach ($downtime->getEndpointLocations() as $endpoint) {
                    $endpointNode = $endpointsNode->addChild('ENDPOINT');
                    $endpointNode->addChild('ID', $endpoint->getId());
                    $endpointNode->addChild('NAME', $endpoint->getName());
                    // Extensions?
                    $endpointNode->addChild('URL', htmlspecialchars($endpoint->getUrl()));
                    $endpointNode->addChild('INTERFACENAME', $endpoint->getInterfaceName());
                }
            }

            $dtNode->addChild('SEVERITY', $downtime->getSeverity());
            $dtNode->addChild('DESCRIPTION', xssafe($downtime->getDescription()));

            // All dates are emitted as Unix timestamps.
            $dtNode->addChild('INSERT_DATE', $downtime->getInsertDate()->getTimestamp());
            $dtNode->addChild('START_DATE', $downtime->getStartDate()->getTimestamp());
            $dtNode->addChild('END_DATE', $downtime->getEndDate()->getTimestamp());
            $dtNode->addChild('REMINDER_START_DOWNTIME', $downtime->getAnnounceDate()->getTimestamp());
            // Intentionally left blank to duplicate GOCDBv4 PI behaviour
            $dtNode->addChild('BROADCASTING_START_DOWNTIME', "");
        }
    }

    // Move the tree into a DOMDocument so the serialised output is indented.
    $simpleRoot = dom_import_simplexml($root);
    $document = new \DOMDocument('1.0');
    $document->encoding = 'UTF-8';
    $document->appendChild($document->importNode($simpleRoot, true));
    $document->formatOutput = true;

    return $document->saveXML();
}
// calculate the size of the impacted SEs appropriately if (sizeof($sites) > 20) { $size = 20; } else { $size = sizeof($sites) + 2; } ?> <select style="width: 99%; margin-right: 1%" class="form-control" id="Select_Sites" name="select_sites" size="10" onclick="getSitesServices();onSiteSelected();"> <?php foreach ($sites as $site) { $siteName = $site->getName(); $ngiName = $site->getNgi()->getName(); $label = xssafe($site . " (" . $ngiName . ")"); echo "<option value=\"{$site->getId()}\">{$label}</option>"; } ?> </select> <br /> <br /> </div> <div id="chooseServices" style="width: 50%; float: left; display: inline-block;"> <!-- Region that will show the services of a chosen site via AJAX--> </div> <!-- Create a hidden field to pass the confirmed value which at this point is false--> <?php $confirmed = false;
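// Zone "dig" pop-up: shows the zone content as seen on a given server, but only
// to an authenticated user who owns the zone.
if (isset($_REQUEST['logout']) && $_REQUEST['logout'] || isset($logout) && $logout) {
    $user->logout($idsession);
}

$link = "?language=" . $lang;
if (!empty($idsession)) {
    $link .= "&idsession=" . $idsession;
}

if ($user->error) {
    printf($html->string_error, $user->error);
}

if ($user->authenticated == 1) {
    if (isset($_REQUEST)) {
        $zonename = $_REQUEST['zonename'];
        $zonetype = $_REQUEST['zonetype'];
        $server = $_REQUEST['server'];
    }

    $zone = new Zone($zonename, $zonetype);
    if ($zone->error) {
        printf($html->string_error, $zone->error);
    } else {
        // Ownership check. The previous condition was
        //   owner != userid && (usergroups && owner != groupid)
        // which can never be true while $config->usergroups is off, so the
        // "you don't own this zone" branch was unreachable in that
        // configuration. Access is now granted only when the zone belongs to
        // the user, or - with user groups enabled - to the user's group.
        $zoneOwner = $zone->RetrieveUser();
        $ownedByUser = ($zoneOwner == $user->userid);
        $ownedByGroup = ($config->usergroups && $zoneOwner == $group->groupid);

        if (!$ownedByUser && !$ownedByGroup) {
            printf($html->string_error, $l['str_you_dont_own_this_zone']);
        } else {
            // NOTE(review): $server and $zonename come straight from the request
            // and are handed to zoneDig(), whose implementation is outside this
            // view. Confirm it validates the server against the configured name
            // servers and does not build a shell command from these values.
            $title = sprintf($l['str_zone_content_for_x_on_server_x'], $zone->zonename, xssafe($server));
            $content = sprintf("\n<pre>%s</pre>", xssafe(zoneDig($server, $zonename)));
            print $html->box('digwindow', $title, $content);
        }
    }
}

// print close "window"
print $html->footerlight();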
<?php
// Builds the service/endpoint multi-select for a site. Every service is listed
// first, followed by its endpoints as indented child options. All visible text
// is escaped with xssafe(); the ids are written as returned by getId().
$services = $params['services'];
$configService = \Factory::getConfigService();
?>
<!-- Dynamically create a select list from a sites services -->
<label> Select Affected Services+Endpoints (Ctrl+click to select)</label>
<select name="IMPACTED_IDS[]" id="Select_Services" size="10" class="form-control" onclick="" style="width:99%; margin-left:1%" onChange="selectServicesEndpoint()" multiple>
    <?php
    foreach ($services as $service) {
        $count = 0;

        // Service rows carry an "s" prefix in their value.
        $typeLabel = xssafe($service->getServiceType()->getName());
        $hostLabel = xssafe($service->getHostName());
        echo "<option value=\"s{$service->getId()}\" id=\"{$service->getId()}\" SELECTED>({$typeLabel}) {$hostLabel}</option>";

        foreach ($service->getEndpointLocations() as $endpoint) {
            // Unnamed endpoints are shown under a placeholder label.
            $name = ($endpoint->getName() == '')
                ? xssafe('myEndpoint')
                : xssafe($endpoint->getName());

            //Option styling doesn't work well cross browser so just use 4 spaces to indent the branch
            // Endpoint rows carry an "e" prefix and reuse the parent service id as their id.
            echo "<option id=\"{$service->getId()}\" value=\"e{$endpoint->getId()}\" SELECTED>    -{$name}</option>";
            $count++;
        }
    }
    ?>
</select>
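<?php
// The heading is pluralised when more than one endpoint is affected.
// count() has to receive the array itself: the earlier count($endpoints > 1)
// counted the boolean result of the comparison, which raises a TypeError on
// PHP 8 and, on older versions, warns and always selects the plural heading.
if (count($endpoints) > 1) {
    echo "<li><b>Affecting Endpoints:</b>";
} else {
    echo "<li><b>Affecting Endpoint:</b>";
}
?>
<ul>
    <?php
    foreach ($endpoints as $id) {
        // Each id is resolved to its endpoint entity; the name is escaped before output.
        $endpoint = \Factory::getServiceService()->getEndpoint($id);
        if ($endpoint->getName() != '') {
            $name = xssafe($endpoint->getName());
        } else {
            // Unnamed endpoints are shown under a placeholder label.
            $name = xssafe("myEndpoint");
        }
        echo "<li>" . $name . "</li>";
    }
    ?>
</ul>
</li>
</ul>
<!-- Echo out a page type of edit or add downtime depending on type. -->
<?php if (!$edit) { ?>
<form name="Add_Downtime" action="index.php?Page_Type=Add_Downtime" method="post" class="inputForm" id="Downtime_Form" name=Downtime_Form onsubmit="document.getElementById('confirmSubmitBtn').disabled=true">
<?php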
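<div class="rightPageContainer">
    <h1>Update Certificate DN</h1>
    <br />
    <br />
    <?php
    // Admin form for replacing a user's certificate DN. Every value written
    // into the page is escaped with xssafe()/xecho().
    // NOTE(review): no anti-CSRF token is visible in this form; confirm the
    // Admin_Edit_User_DN handler checks one before changing the DN.
    ?>
    The current certificate DN for
    <b><?php echo xssafe($params['Title']) . " " . xssafe($params['Forename']) . " " . xssafe($params['Surname']); ?> </b>
    is:
    <br />
    <?php xecho($params['CertDN']); ?>
    <br />
    <br />
    <form class="inputForm" method="post" action="index.php?Page_Type=Admin_Edit_User_DN" name="editSType">
        <span class="input_name">New Certificate DN</span>
        <?php
        // The closing quote follows the PHP tag directly: a space between them
        // becomes part of the attribute value and would be submitted with the DN.
        ?>
        <input type="text" value="<?php xecho($params['CertDN']); ?>" name="DN" class="input_input_text">
        <?php
        // ID is escaped like every other value on this page; it used to be
        // echoed raw into the attribute, and with a trailing space.
        ?>
        <input class="input_input_hidden" type="hidden" name="ID" value="<?php xecho($params['ID']); ?>" />
        <br />
        <input type="submit" value="Update DN" class="input_button">
    </form>
</div>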
</div> <?php } else { ?> <div class="fr app-note-time"><?php echo human_timing(intval($note['time'])); ?> </div> <?php } ?> <?php if ($note['type'] == 'comment') { ?> <div class="app-note-text autolink"><?php echo nl2br(xssafe($note['text'])); ?> </div> <?php } ?> </div> <?php $prev_reviewer = $note['reviewer']; $prev_type = $note['type']; } ?> </div> </div> <?php }
/**
 * Renders the certification status change log in GocDB's proprietary XML
 * layout, one <result> element per log entry.
 *
 * NOTE(review): only COMMENT is passed through xssafe() (defined outside this
 * view). SimpleXMLElement::addChild() does not escape '&', so confirm that the
 * site name, status and CHANGED_BY values cannot contain one.
 *
 * @return String pretty-printed XML document declared as UTF-8
 */
public function getXML()
{
    $helpers = $this->helpers;
    $root = new \SimpleXMLElement("<results />");

    foreach ($this->allLogs as $log) {
        $entry = $root->addChild('result');

        // The two time elements are omitted when the entry has no added date.
        if ($log->getAddedDate() != null) {
            // e.g. <TIME>02-JUL-2013 12.51.58</TIME>
            $entry->addChild('TIME', $log->getAddedDate()->format('d-M-Y H.i.s'));
            // e.g. <UNIX_TIME>1372769518</UNIX_TIME>
            $entry->addChild('UNIX_TIME', $log->getAddedDate()->format('U'));
        }

        $entry->addChild('SITE', $log->getParentSite()->getShortName());
        $entry->addChild('OLD_STATUS', $log->getOldStatus());
        $entry->addChild('NEW_STATUS', $log->getNewStatus());
        $entry->addChild('CHANGED_BY', $log->getAddedBy());
        $entry->addChild('COMMENT', xssafe($log->getReason()));
    }

    // Move the tree into a DOMDocument so the serialised output is indented.
    $simpleRoot = dom_import_simplexml($root);
    $document = new \DOMDocument('1.0');
    $document->encoding = 'UTF-8';
    $document->appendChild($document->importNode($simpleRoot, true));
    $document->formatOutput = true;

    return $document->saveXML();
}
/**
 * Returns the stored description of an account, escaped with xssafe().
 *
 * An account that does not exist yields the empty string.
 *
 * @param mixed $email account identifier passed to account_exists()/account_data()
 * @param bool  $nl2br when true, line breaks in the escaped text become <br> tags
 * @return string escaped description
 */
function account_desc($email, $nl2br = true)
{
    $raw = '';
    if (account_exists($email)) {
        $raw = account_data($email)['desc'];
    }

    // Escape first, then insert the <br> tags, so the tags themselves survive.
    $escaped = xssafe($raw);
    if ($nl2br) {
        return nl2br($escaped);
    }

    return $escaped;
}
/**
 * Renders the service group collection in GocDB's proprietary XML layout.
 *
 * Each SERVICE_GROUP holds its services (SERVICE_ENDPOINT elements), each
 * service optionally holds its endpoints, and all three levels carry an
 * EXTENSIONS list of key/value properties.
 *
 * NOTE(review): escaping is applied field by field - descriptions, URLs and
 * endpoint names through htmlspecialchars(), extension keys and values through
 * xssafe() (defined outside this view), everything else as stored.
 * SimpleXMLElement::addChild() does not escape '&', so confirm the unescaped
 * fields (group name, e-mail, hostname, host DN, interface name) cannot
 * contain one.
 *
 * @return String pretty-printed XML document declared as UTF-8
 */
public function getXML()
{
    $helpers = $this->helpers;
    $root = new \SimpleXMLElement("<results />");

    foreach ($this->sgs as $sg) {
        $groupNode = $root->addChild('SERVICE_GROUP');
        $groupNode->addAttribute("PRIMARY_KEY", $sg->getId() . "G0");
        $groupNode->addChild('NAME', $sg->getName());
        $groupNode->addChild('DESCRIPTION', htmlspecialchars($sg->getDescription()));
        $groupNode->addChild('MONITORED', $sg->getMonitored() ? 'Y' : 'N');
        $groupNode->addChild('CONTACT_EMAIL', $sg->getEmail());

        // The '&' in the query string has to be entity-encoded before addChild().
        $groupUrl = htmlspecialchars(
            '#GOCDB_BASE_PORTAL_URL#/index.php?Page_Type=Service_Group&id=' . $sg->getId()
        );
        $groupNode->addChild('GOCDB_PORTAL_URL', $groupUrl);

        foreach ($sg->getServices() as $service) {
            // maybe Rename SERVICE_ENDPOINT to SERVICE
            $serviceNode = $groupNode->addChild('SERVICE_ENDPOINT');
            $serviceNode->addAttribute("PRIMARY_KEY", $service->getId() . "G0");
            $serviceNode->addChild('HOSTNAME', $service->getHostName());

            $serviceUrl = '#GOCDB_BASE_PORTAL_URL#/index.php?Page_Type=Service&id=' . $service->getId();
            $serviceNode->addChild('GOCDB_PORTAL_URL', htmlspecialchars($serviceUrl));

            $serviceNode->addChild('SERVICE_TYPE', $service->getServiceType()->getName());
            $serviceNode->addChild('HOST_IP', $service->getIpAddress());
            $serviceNode->addChild('HOST_IPV6', $service->getIpV6Address());
            $serviceNode->addChild('HOSTDN', $service->getDN());
            $serviceNode->addChild('IN_PRODUCTION', $service->getProduction() ? 'Y' : 'N');
            $serviceNode->addChild('NODE_MONITORED', $service->getMonitored() ? 'Y' : 'N');

            if ($this->renderMultipleEndpoints) {
                $endpointsNode = $serviceNode->addChild('ENDPOINTS');
                foreach ($service->getEndpointLocations() as $endpoint) {
                    $endpointNode = $endpointsNode->addChild('ENDPOINT');
                    $endpointNode->addChild('ID', $endpoint->getId());
                    $endpointNode->addChild('NAME', htmlspecialchars($endpoint->getName()));

                    // Endpoint Extensions
                    $endpointExtNode = $endpointNode->addChild('EXTENSIONS');
                    foreach ($endpoint->getEndpointProperties() as $property) {
                        $propertyNode = $endpointExtNode->addChild('EXTENSION');
                        $propertyNode->addChild('LOCAL_ID', $property->getId());
                        $propertyNode->addChild('KEY', xssafe($property->getKeyName()));
                        $propertyNode->addChild('VALUE', xssafe($property->getKeyValue()));
                    }

                    $endpointNode->addChild('URL', htmlspecialchars($endpoint->getUrl()));
                    $endpointNode->addChild('INTERFACENAME', $endpoint->getInterfaceName());
                }
            }

            // Service Extensions
            $serviceExtNode = $serviceNode->addChild('EXTENSIONS');
            foreach ($service->getServiceProperties() as $property) {
                $propertyNode = $serviceExtNode->addChild('EXTENSION');
                $propertyNode->addChild('LOCAL_ID', $property->getId());
                $propertyNode->addChild('KEY', xssafe($property->getKeyName()));
                $propertyNode->addChild('VALUE', xssafe($property->getKeyValue()));
            }
        }

        // SG extensions
        $groupExtNode = $groupNode->addChild('EXTENSIONS');
        foreach ($sg->getServiceGroupProperties() as $groupProperty) {
            $propertyNode = $groupExtNode->addChild('EXTENSION');
            $propertyNode->addChild('LOCAL_ID', $groupProperty->getId());
            $propertyNode->addChild('KEY', xssafe($groupProperty->getKeyName()));
            $propertyNode->addChild('VALUE', xssafe($groupProperty->getKeyValue()));
        }
    }

    // Move the tree into a DOMDocument so the serialised output is indented.
    $simpleRoot = dom_import_simplexml($root);
    $document = new \DOMDocument('1.0');
    $document->encoding = 'UTF-8';
    $document->appendChild($document->importNode($simpleRoot, true));
    $document->formatOutput = true;

    return $document->saveXML();
}
<form name="Move_Site" action="index.php?Page_Type=Admin_Move_Site" method="post" class="inputForm">
    <h1>Move Site</h1>
    <br />
    <span class="input_name">New NGI for selected sites</span>
    <select class="add_edit_form" name="NewNGI">
        <?php
        // One option per candidate NGI. The visible name is escaped with
        // xssafe(); the value is the id as returned by getId().
        // NOTE(review): no anti-CSRF token is visible in this admin form;
        // confirm the Admin_Move_Site handler checks one.
        foreach ($params['Ngis'] as $targetNgi) {
            $optionLabel = xssafe($targetNgi->getName());
            echo "<option value=\"{$targetNgi->getId()}\">{$optionLabel}</option>";
        }
        ?>
    </select>
    <span class="input_name">Please select the site(s) to be moved from <?php xecho($params['OldNgi']); ?> </span>
    <select class="Downtime_Select" name="Sites[]" size="20" multiple id="Sites" style="margin-left: 0em; width: 38em;">
        <?php
        // One option per site that can be moved; short names are escaped.
        foreach ($params['sites'] as $movableSite) {
            $optionLabel = xssafe($movableSite->getShortName());
            echo "<option value=\"{$movableSite->getId()}\">{$optionLabel}</option>";
        }
        ?>
    </select>
    <br>
    <input class="input_button" type="submit" value="Move Site" />
</form>
</div>
/**
 * Echo $data after escaping it with xssafe(); prints nothing when $data is
 * unset or null.
 *
 * @param mixed $data value to escape and print
 */
function xecho($data)
{
    if (isset($data)) {
        echo xssafe($data);
    }
}
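// Page prologue: optional logout, page header, group/log set-up, and the
// session/language link plus hidden form fields that later markup reuses.
if (isset($_REQUEST['logout']) && $_REQUEST['logout'] || isset($logout) && $logout) {
    $user->logout($idsession);
    // NOTE(review): the script keeps running after the Location header is
    // queued, so the rest of the page is still rendered - confirm that is
    // intended. $lang is placed in the URL unencoded here.
    Header("Location: " . $_SERVER['SCRIPT_URI'] . "?language=" . $lang);
}

print $html->header($l[$page_title]);

if ($config->usergroups) {
    include 'libs/group.php';
    $group = new Group($user->userid);
    if ($config->userlogs) {
        include 'libs/userlogs.php';
        $userlogs = new UserLogs($group->groupid, $user->userid);
    }
}

if (empty($idsession)) {
    $idsession = $user->idsession;
}

// $lang is escaped the same way as $idsession before it is written into the
// link and the hidden field; previously only $idsession was escaped. Where
// $lang is set is outside this view, so it is treated as untrusted here.
$safeLang = xssafe($lang);

if (!empty($idsession)) {
    $link = "?idsession=" . xssafe($idsession);
    $hiddenfields = '<input type="hidden" name="idsession" value="' . xssafe($idsession) . '">';
    // add language only if different
    if (strcmp($lang, $user->lang)) {
        $link .= "&language=" . $safeLang;
        $hiddenfields .= '<input type="hidden" name="language" value="' . $safeLang . '">';
    }
} else {
    $link = "?language=" . $safeLang;
}

print $html->subheader($link);

if ($user->error) {
    print $html->box('mainerror', $l['str_error'], sprintf($html->string_error, $user->error));
}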
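/**
 * Renders the service endpoint collection in GocDB's proprietary XML layout.
 *
 * Each SERVICE_ENDPOINT carries the service's host and site details, optionally
 * its endpoints, and an EXTENSIONS list of key/value properties.
 *
 * Endpoint extension keys and values are now passed through xssafe() exactly
 * like the service extension keys and values further down; they used to be
 * handed to addChild() raw. SimpleXMLElement::addChild() does not escape '&',
 * so a raw property containing one was not written out intact.
 *
 * NOTE(review): fields added through $helpers->addIfNotEmpty() (implemented
 * outside this view) are passed as stored - confirm how that helper treats
 * '&' in hostnames, DNs and names.
 *
 * @return String pretty-printed XML document declared as UTF-8
 */
public function getXML()
{
    $helpers = $this->helpers;
    $xml = new \SimpleXMLElement("<results />");
    $serviceEndpoints = $this->serviceEndpoints;

    foreach ($serviceEndpoints as $se) {
        // maybe rename SERVICE_ENDPOINT to SERVICE
        $xmlSe = $xml->addChild('SERVICE_ENDPOINT');
        $xmlSe->addAttribute("PRIMARY_KEY", $se->getId() . "G0");
        $helpers->addIfNotEmpty($xmlSe, 'PRIMARY_KEY', $se->getId() . "G0");
        $helpers->addIfNotEmpty($xmlSe, 'HOSTNAME', $se->getHostName());

        // The '&' in the query string has to be entity-encoded first.
        $portalUrl = htmlspecialchars('#GOCDB_BASE_PORTAL_URL#/index.php?Page_Type=Service&id=' . $se->getId());
        $helpers->addIfNotEmpty($xmlSe, 'GOCDB_PORTAL_URL', $portalUrl);

        $helpers->addIfNotEmpty($xmlSe, 'HOSTDN', $se->getDn());
        $helpers->addIfNotEmpty($xmlSe, 'HOST_OS', $se->getOperatingSystem());
        $helpers->addIfNotEmpty($xmlSe, 'HOST_ARCH', $se->getArchitecture());

        $xmlSe->addChild('BETA', $se->getBeta() ? "Y" : "N");

        $helpers->addIfNotEmpty($xmlSe, 'SERVICE_TYPE', $se->getServiceType()->getName());
        $helpers->addIfNotEmpty($xmlSe, 'HOST_IP', $se->getIpAddress());
        $helpers->addIfNotEmpty($xmlSe, 'HOST_IPV6', $se->getIpV6Address());

        // CORE is always written as an empty element.
        $xmlSe->addChild("CORE", "");
        $xmlSe->addChild('IN_PRODUCTION', $se->getProduction() ? "Y" : "N");
        $xmlSe->addChild('NODE_MONITORED', $se->getMonitored() ? "Y" : "N");

        $site = $se->getParentSite();
        $helpers->addIfNotEmpty($xmlSe, "SITENAME", $site->getShortName());
        $helpers->addIfNotEmpty($xmlSe, "COUNTRY_NAME", $site->getCountry()->getName());
        $helpers->addIfNotEmpty($xmlSe, "COUNTRY_CODE", $site->getCountry()->getCode());
        $helpers->addIfNotEmpty($xmlSe, "ROC_NAME", $site->getNGI()->getName());

        $xmlSe->addChild("URL", xssafe($se->getUrl()));

        if ($this->renderMultipleEndpoints) {
            $xmlEndpoints = $xmlSe->addChild('ENDPOINTS');
            foreach ($se->getEndpointLocations() as $endpoint) {
                $xmlEndpoint = $xmlEndpoints->addChild('ENDPOINT');
                $xmlEndpoint->addChild('ID', $endpoint->getId());
                $xmlEndpoint->addChild('NAME', xssafe($endpoint->getName()));

                // Endpoint Extensions - escaped the same way as the service
                // extensions below.
                $xmlExtensions = $xmlEndpoint->addChild('EXTENSIONS');
                foreach ($endpoint->getEndpointProperties() as $prop) {
                    $xmlProperty = $xmlExtensions->addChild('EXTENSION');
                    $xmlProperty->addChild('LOCAL_ID', $prop->getId());
                    $xmlProperty->addChild('KEY', xssafe($prop->getKeyName()));
                    $xmlProperty->addChild('VALUE', xssafe($prop->getKeyValue()));
                }

                $xmlEndpoint->addChild('URL', xssafe($endpoint->getUrl()));
                $xmlEndpoint->addChild('INTERFACENAME', $endpoint->getInterfaceName());
            }
        }

        // Service Extensions
        $xmlExtensions = $xmlSe->addChild('EXTENSIONS');
        foreach ($se->getServiceProperties() as $prop) {
            $xmlProperty = $xmlExtensions->addChild('EXTENSION');
            $xmlProperty->addChild('LOCAL_ID', $prop->getId());
            $xmlProperty->addChild('KEY', xssafe($prop->getKeyName()));
            $xmlProperty->addChild('VALUE', xssafe($prop->getKeyValue()));
        }
    }

    // Move the tree into a DOMDocument so the serialised output is indented.
    $dom_sxe = dom_import_simplexml($xml);
    $dom = new \DOMDocument('1.0');
    $dom->encoding = 'UTF-8';
    $dom_sxe = $dom->importNode($dom_sxe, true);
    $dom_sxe = $dom->appendChild($dom_sxe);
    $dom->formatOutput = true;

    return $dom->saveXML();
}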
<?php $name = xssafe($params['Name']); $description = xssafe($params['Description']); $id = $params['ID']; $services = $params['Services']; $SEsCount = sizeof($services); $portalIsReadOnly = $params['portalIsReadOnly']; ?> <div class="rightPageContainer"> <!--Headings--> <div style="float: left; width: 50em;"> <h1 style="float: left; margin-left: 0em;">Service Type: <?php echo $name; ?> </h1> <span style="clear: both; float: left; padding-bottom: 0.4em;"><?php echo $description; ?> </span> </div> <!--Edit/Delete buttons--> <!-- Only show when portal is not read only mode --> <?php if (!$portalIsReadOnly) { ?> <div style="float: right;">
/**
 * Stores a submitted application as a JSON file under the position directory.
 *
 * The form layout is read from format.txt in $p->pdir: a line reading "hr"
 * (any case) becomes a raw <hr/> entry, every other line becomes an item whose
 * label is taken from the line and whose value is the matching apply-N request
 * field, escaped with xssafe().
 *
 * NOTE(review): the directory and the file are created with mode 0777, so the
 * stored application (including the applicant address) is writable by every
 * local account - confirm whether a narrower mode works for this deployment.
 * NOTE(review): app_title is stored as submitted while the field values are
 * escaped on the way in; confirm every place that renders the title escapes it.
 * NOTE(review): the results of mkdir() and file_put_contents() are not checked.
 *
 * @param object $p position object; only its pdir property is read here
 */
function app_submit($p)
{
    $gen = array();
    $fieldIndex = 0;

    foreach (line_split(get_content($p->pdir, 'format.txt')) as $line) {
        if (strtolower($line) == 'hr') {
            $gen[] = array('rawhtml', '<hr/>');
            continue;
        }

        $label = trim(from(explode(':', $line), 1));
        $value = xssafe(from($_REQUEST, 'apply-' . $fieldIndex));
        $gen[] = array('item', $label, $value);
        $fieldIndex++;
    }

    $app_id = gen_token(8);
    $json = array(
        'app_id' => $app_id,
        'app_title' => from($_REQUEST, 'apply-title'),
        'gen' => $gen,
        'notes' => array(),
        'votes' => array('yes' => array(), 'no' => array()),
        'created' => time(),
        'lastmod' => time(),
        'applicant' => user_email(),
    );

    // urlencode() turns path separators into %2F; '.' and '-' are encoded as
    // well, so '-' stays usable as the separator between file name parts.
    $title_encoded = str_replace(
        array('.', '-'),
        array('%2E', '%2D'),
        urlencode($json['app_title'])
    );

    $name_parts = array($app_id, $title_encoded, $json['created'], sha1(user_email()));
    $file = $p->pdir . 'apps/' . POS_LABEL . '/' . implode('-', $name_parts) . '.json';

    $target_dir = dirname($file);
    if (!is_dir($target_dir)) {
        mkdir($target_dir, 0777, true);
    }

    file_put_contents($file, json_encode($json, JSON_PRETTY_PRINT));
    chmod($file, 0777);
}
<tr> <th class="site_table">Affected Endpoints</th> <th class="site_table">Url</th> <th class="site_table">Interface Name</th> </tr> <?php foreach ($se->getEndpointLocations() as $el) { echo '<tr>'; if (in_array($el, $dt->getEndpointLocations()->toArray())) { echo '<td>✓ <a href="index.php?Page_Type=View_Service_Endpoint&id=' . $el->getId() . '">' . xssafe($el->getName()) . '</a></td>'; echo '<td>' . xssafe($el->getUrl()) . '</td>'; echo '<td>' . xssafe($el->getInterfaceName()) . '</td>'; } else { echo '<td><span style=\'color: grey\'>✗ <a href="index.php?Page_Type=View_Service_Endpoint&id=' . $el->getId() . '">' . xssafe($el->getName()) . '</span></td>'; echo "<td><span style='color: grey'>" . xssafe($el->getUrl()) . '</span></td>'; echo "<td><span style='color: grey'>" . xssafe($el->getInterfaceName()) . '</span></td>'; } echo '</tr>'; } ?> </table> </td> </tr> <?php if ($num == 1) { $num = 2; } else { $num = 1; } }
<form name="Move_Service" action="index.php?Page_Type=Admin_Move_SEP" method="post" class="inputForm">
    <h1>Move Service</h1>
    <br />
    <span class="input_name">New site for selected services</span>
    <select class="add_edit_form" name="NewSite">
        <?php
        // One option per candidate site. The visible short name is escaped
        // with xssafe(); the value is the id as returned by getId().
        // NOTE(review): no anti-CSRF token is visible in this admin form;
        // confirm the Admin_Move_SEP handler checks one.
        foreach ($params['Sites'] as $targetSite) {
            $optionLabel = xssafe($targetSite->getShortName());
            echo "<option value=\"{$targetSite->getId()}\">{$optionLabel}</option>";
        }
        ?>
    </select>
    <span class="input_name">Please select the service(s) to be moved from <?php xecho($params['OldSite']); ?> </span>
    <select class="Downtime_Select" name="Services[]" size="20" multiple id="Sites" style="margin-left: 0em; width: 38em;">
        <?php
        // One option per service that can be moved; hostnames are escaped.
        foreach ($params['Services'] as $movableService) {
            $optionLabel = xssafe($movableService->getHostName());
            echo "<option value=\"{$movableService->getId()}\">{$optionLabel}</option>";
        }
        ?>
    </select>
    <br>
    <input class="input_button" type="submit" value="Move Service" />
</form>
</div>
$surname = xssafe($requestingUser->getSurname()); $forename = xssafe($requestingUser->getForename()); echo "<a href='index.php?Page_Type=User&id={$requestingUserId}'>{$forename} {$surname}</a>"; ?> </td> <td class="site_table" style="width: 40%"> <?php xecho($request->getRoleType()->getName()); ?> </td> <td class="site_table" > <?php $entityId = $request->getOwnedEntity()->getId(); $entityName = xssafe($request->getOwnedEntity()->getName()); if ($request->getOwnedEntity() instanceof \ServiceGroup) { $entityClassName = 'Service_Group'; } elseif ($request->getOwnedEntity() instanceof \Site) { $entityClassName = 'Site'; } elseif ($request->getOwnedEntity() instanceof \NGI) { $entityClassName = 'NGI'; } elseif ($request->getOwnedEntity() instanceof \Project) { $entityClassName = 'Project'; } echo " <a href='index.php?Page_Type={$entityClassName}&id={$entityId}'>{$entityName} [{$entityClassName}]</a>"; ?> </td> <td class="site_table"> <!-- Do not show forms when portal is read only --> <?php
/**
 * Escape the given string with xssafe() and echo the result (XSS mitigation).
 *
 * @see https://www.owasp.org/index.php/PHP_Security_Cheat_Sheet
 * @param string $data value to encode and print
 */
function xecho($data)
{
    $escaped = xssafe($data);
    echo $escaped;
}
/**
 * Normalises one SOA parameter in place.
 *
 * An empty value is replaced by $defval. Any other value must read as a
 * strictly positive integer: it is converted with intval() and has to compare
 * equal, as a string, to what was passed in. On failure a message naming the
 * parameter is appended to $this->error and $val is left untouched.
 *
 * @param mixed  $val     value to check; overwritten with the default or the integer
 * @param mixed  $defval  value used when $val is empty
 * @param string $soattl  parameter name shown in the error message
 */
function verifySOA(&$val, $defval, $soattl = "SOA")
{
    global $l;

    if (empty($val)) {
        $val = $defval;
        return;
    }

    $asInt = intval($val);
    // Rejects input such as "12abc" or "1.5", whose integer form reads differently.
    $sameText = (strcmp($asInt, $val) == 0);
    if (!$sameText || $asInt <= 0) {
        // Both the parameter name and the rejected value are escaped before
        // they are put into the message.
        $this->error .= sprintf($l['str_primary_x_parameter_x_has_to_be_int'], xssafe($soattl), xssafe($val));
        return;
    }

    $val = $asInt;
}
$lang = $orig[0]["code_lang"]; } else { die("Invalid request"); } if (isset($_POST["code"]) || isset($_FILES["codefile"]) || isset($_POST["lang"])) { if (isset($_POST["name"]) && !empty($_POST["name"])) { if (!sanityCheck($_POST['name'], 'string', 5, 30)) { $errors[] = $tr["ERR_BOTNAME_LENGTH"]; } else { if (!checkBotname($_POST['name'])) { $errors[] = $tr["ERR_BOTNAME_FORMAT"]; } else { if (SQL("SELECT 1 FROM bots WHERE name = ? AND accountID != ?", $name, $_SESSION["accountID"]) != null) { $errors[] = $tr["ERR_NAME_CONFLICT"]; } else { $name = xssafe($_POST['name']); } } } } if (SQL("SELECT * FROM bots WHERE name = ? AND id != ?", $name, $id) != null) { $errors[] = $tr["ERR_NAME_CONFLICT"]; } if (isset($_POST["className"]) && !empty($_POST["className"])) { if (!sanityCheck($_POST['className'], 'string', 1, 60)) { $errors[] = $tr["ERR_BOTCLASSNAME_LENGTH"]; } else { $className = $_POST['className']; } } $codeFileUpload = isset($_FILES["codefile"]) && $_FILES["codefile"]["error"] != UPLOAD_ERR_NO_FILE;
/**
 * Echo $title after escaping it with xssafe().
 *
 * @param mixed $title value to escape and print
 */
function xecho($title)
{
    $escaped = xssafe($title);
    echo $escaped;
}
/**
 * Renders the site collection in GocDB's proprietary XML layout.
 *
 * Most child elements are added through $helpers->addIfNotEmpty(), which is
 * implemented outside this view; tier and sub-grid are optional and only
 * written when the site has one.
 *
 * NOTE(review): escaping is applied field by field - official name,
 * description and URLs through htmlspecialchars(), extension keys and values
 * through xssafe() (defined outside this view), everything else as stored.
 * Confirm how addIfNotEmpty() treats '&' in the unescaped values.
 *
 * @return String pretty-printed XML document declared as UTF-8
 */
public function getXML()
{
    $helpers = $this->helpers;
    $root = new \SimpleXMLElement("<results />");

    foreach ($this->sites as $site) {
        $siteNode = $root->addChild('SITE');
        $siteNode->addAttribute('ID', $site->getId());
        $siteNode->addAttribute('PRIMARY_KEY', $site->getPrimaryKey());
        $siteNode->addAttribute('NAME', $site->getShortName());

        $helpers->addIfNotEmpty($siteNode, 'PRIMARY_KEY', $site->getPrimaryKey());
        $helpers->addIfNotEmpty($siteNode, 'SHORT_NAME', $site->getShortName());
        $helpers->addIfNotEmpty($siteNode, 'OFFICIAL_NAME', htmlspecialchars($site->getOfficialName()));
        $helpers->addIfNotEmpty($siteNode, 'SITE_DESCRIPTION', htmlspecialchars($site->getDescription()));

        // The '&' in the query string has to be entity-encoded first.
        $portalUrl = htmlspecialchars(
            '#GOCDB_BASE_PORTAL_URL#/index.php?Page_Type=Site&id=' . $site->getId()
        );
        $helpers->addIfNotEmpty($siteNode, 'GOCDB_PORTAL_URL', $portalUrl);

        $helpers->addIfNotEmpty($siteNode, 'HOME_URL', htmlspecialchars($site->getHomeUrl()));
        $helpers->addIfNotEmpty($siteNode, 'CONTACT_EMAIL', $site->getEmail());
        $helpers->addIfNotEmpty($siteNode, 'CONTACT_TEL', $site->getTelephone());
        $helpers->addIfNotEmpty($siteNode, 'ALARM_EMAIL', $site->getAlarmEmail());
        $helpers->addIfNotEmpty($siteNode, 'GIIS_URL', htmlspecialchars($site->getGiisUrl()));

        // Tier is an optional parameter
        if ($site->getTier() != null) {
            $helpers->addIfNotEmpty($siteNode, 'TIER', $site->getTier()->getName());
        }

        $helpers->addIfNotEmpty($siteNode, 'COUNTRY_CODE', $site->getCountry()->getCode());
        $helpers->addIfNotEmpty($siteNode, 'COUNTRY', $site->getCountry()->getName());
        $helpers->addIfNotEmpty($siteNode, 'ROC', $site->getNgi()->getName());

        // SubGrid is an optional parameter
        if ($site->getSubGrid() != null) {
            $helpers->addIfNotEmpty($siteNode, 'SUBGRID', $site->getSubGrid()->getName());
        }

        $helpers->addIfNotEmpty($siteNode, 'PRODUCTION_INFRASTRUCTURE', $site->getInfrastructure()->getName());
        $helpers->addIfNotEmpty($siteNode, 'CERTIFICATION_STATUS', $site->getCertificationStatus()->getName());
        $helpers->addIfNotEmpty($siteNode, 'TIMEZONE', $site->getTimezoneId());
        $helpers->addIfNotEmpty($siteNode, 'LATITUDE', $site->getLatitude());
        $helpers->addIfNotEmpty($siteNode, 'LONGITUDE', $site->getLongitude());
        $helpers->addIfNotEmpty($siteNode, 'CSIRT_EMAIL', $site->getCsirtEmail());

        // DOMAIN is always present; DOMAIN_NAME inside it is optional.
        $domainNode = $siteNode->addChild('DOMAIN');
        $helpers->addIfNotEmpty($domainNode, 'DOMAIN_NAME', $site->getDomain());

        $helpers->addIfNotEmpty($siteNode, 'SITE_IP', $site->getIpRange());
        $helpers->addIfNotEmpty($siteNode, 'SITE_IPV6', $site->getIpV6Range());

        $extensionsNode = $siteNode->addChild('EXTENSIONS');
        foreach ($site->getSiteProperties() as $siteProp) {
            if ($siteProp != "") {
                $propertyNode = $extensionsNode->addChild('EXTENSION');
                $propertyNode->addChild('LOCAL_ID', $siteProp->getId());
                $propertyNode->addChild('KEY', xssafe($siteProp->getKeyName()));
                $propertyNode->addChild('VALUE', xssafe($siteProp->getKeyValue()));
            }
        }
    }

    // Move the tree into a DOMDocument so the serialised output is indented.
    $simpleRoot = dom_import_simplexml($root);
    $document = new \DOMDocument('1.0');
    $document->encoding = 'UTF-8';
    $document->appendChild($document->importNode($simpleRoot, true));
    $document->formatOutput = true;

    return $document->saveXML();
}
<tr class="site_table_row_<?php echo $num; ?> " <?php echo $style; ?> > <td class="site_table"> <div style="background-color: inherit;"> <span style="vertical-align: middle;"> <a href="index.php?Page_Type=User&id=<?php echo $user->getId(); ?> "> <?php echo xssafe($user->getSurname()) . ", " . xssafe($user->getForename()); ?> </a> </span> </div> </td> <td class="site_table"> <div style="background-color: inherit;"> <span style="vertical-align: middle;"> <a href="index.php?Page_Type=Admin_Edit_User_DN&id=<?php echo $user->getId(); ?> "> <?php xecho($user->getCertificateDn());
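<?php
# basic info
# The form posts back to the current script. PHP_SELF contains whatever path
# info the client appended to the script URL, so it is escaped with xssafe()
# before being written into the action attribute, like the other values here.
$content .= sprintf('<form action="%s" method="post">', xssafe($_SERVER['PHP_SELF']));
$content .= '<table id="createusertable"><tr>';
$content .= sprintf('<td align="right">%s:</td>', $l['str_login']);
$content .= sprintf('<td><input type="text" name="loginnew" value="%s"></td>', xssafe($loginnew));
$content .= '</tr><tr>';
$content .= sprintf('<td align=right>%s</td>', $l['str_your_valid_email']);
$content .= sprintf('<td><input type="text" name="email" value="%s"></td>', xssafe($email));
$content .= '</tr><tr>';
# password fields are never pre-filled
$content .= sprintf('<td align="right">%s:</td>', $l['str_new_password']);
$content .= '<td><input type="password" name="passwordnew"></td>';
$content .= '</tr><tr>';
$content .= sprintf('<td align="right">%s:</td>', $l['str_confirm_password']);
$content .= '<td><input type="password" name="confirmpasswordnew"></td>';
$content .= '</tr>';

# advanced parameters checkboxes
# each box is ticked when the user already has the option or just submitted it
if ($config->advancedinterface) {
    $content .= sprintf('<tr><td align="right">%s<br>(%s)</td>', $l['str_advanced_interface'], $l['str_advanced_interface_details']);
    $content .= sprintf('<td><input type=checkbox name="advanced"%s></td></tr>', $user->advanced || !empty($_REQUEST['advanced']) ? ' checked' : '');
}
if ($config->ipv6interface) {
    $content .= sprintf('<tr><td align="right">%s<br>(%s)</td>', $l['str_ipv6_interface'], $l['str_ipv6_interface_details']);
    $content .= sprintf('<td><input type=checkbox name="ipv6"%s></td></tr>', $user->ipv6 || !empty($_REQUEST['ipv6']) ? ' checked' : '');
}
if ($config->txtrecords) {
    $content .= sprintf('<tr><td align="right">%s<br>(%s)</td>', $l['str_txt_records'], $l['str_txt_records_details']);
    $content .= sprintf('<td><input type=checkbox name="txtrecords"%s></td></tr>', $user->txtrecords || !empty($_REQUEST['txtrecords']) ? ' checked' : '');
}
if ($config->srvrecords) {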
<?php
// calculate the size of the impacted SEs appropriately
// (capped at 20, otherwise the number of sites plus two)
$size = (sizeof($sites) > 20) ? 20 : sizeof($sites) + 2;
?>
<select style="width: 99%; margin-right: 1%" class="form-control" id="Select_Sites" name="select_sites" size="10" onclick="loadSitesServicesAndEndpoints()">
    <?php
    // One pre-selected option per site. The label is the site object converted
    // to a string and escaped with xssafe(); the value is the id from getId().
    foreach ($sites as $site) {
        $optionLabel = xssafe($site);
        echo "<option value=\"{$site->getId()}\" SELECTED>{$optionLabel}</option>";
    }
    ?>
</select>
<br />
<br />
</div>
<div id="chooseServices" style="width: 50%; float: left; display: inline-block;">
    <!-- Region will be loaded by AJAX - shows the services/endpoints of the chosen site -->
</div>
<!-- Create a hidden field to pass the confirmed value which at this point is false-->
<?php
$confirmed = false;
?>