} } // check valid pass length max if (intval($pass_length_max) < intval($pass_length_min) || intval($pass_length_max) < 1 || intval($pass_length_max) > 255) { $config->update('pass_length_max', 255); } else { $config->update('pass_length_max', intval($pass_length_max)); } // check valid expire min - max if ($pass_expire_max * 60 * 24 < $pass_expire_min) { $config->update('pass_expire_min', 0); } // Check and set certificates $lastconfig = new Config(); // To get latest inserted values $cert = $lastconfig->get_conf('framework_https_crt'); $pkey = $lastconfig->get_conf('framework_https_pem'); if ($certs) { $response = $api_client->system()->set_system_certificates($lastconfig->get_conf('framework_https_cert_plain'), $lastconfig->get_conf('framework_https_pem_plain'), $lastconfig->get_conf('framework_https_ca_cert_plain')); $response = @json_decode($response, TRUE); if (!$response || $response['status'] == 'error') { $error_string = sprintf(_('Unable to set SSL certificate: %s'), $response['message']); $flag_status = 2; } $flag_reconfig = 1; } $url = $_SERVER['SCRIPT_NAME'] . "?word=" . $word . "§ion=" . $section . "&status=" . $flag_status . "&error=" . urlencode($error_string) . "&warning=" . urlencode($warning_string) . '&reconfig=' . $flag_reconfig; if ($restart_server) { header("Location: " . AV_MAIN_PATH . "/conf/reload.php?what=directives&back=" . urlencode($url)); } else { header("Location: {$url}");
//Checking permissions if (!Session::am_i_admin()) { echo _('You do not have permissions to see this section'); die; } /************************************************************************************************/ /************************************************************************************************/ /*** This file is includen in step_loader.php hence the wizard object is defined in $wizard ***/ /*** database connection is stored in $conn ***/ /************************************************************************************************/ /************************************************************************************************/ if (!$wizard instanceof Welcome_wizard) { throw new Exception('There was an unexpected error'); } $config = new Config(); $otx_key = $config->get_conf("open_threat_exchange_key"); $v_tag = Session::is_pro() ? "USM" : "OSSIM"; ?> <script type='text/javascript'> function load_js_step() { load_handler_step_otx(); } </script> <div id='step_6' class='step_container'>
* * * On Debian GNU/Linux systems, the complete text of the GNU General * Public License can be found in `/usr/share/common-licenses/GPL-2'. * * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt * */ require_once 'av_init.php'; ?> function Av_internet_check() { <?php $conf = new Config(); $internet = $conf->get_conf('internet_connection'); ?> var _check_internet = <?php echo intval($internet); ?> ; var _internet = true //By default internet is yes. var _check_internet_connection = function() { var internet = false; var url = "https://www.alienvault.com/product/help/ping.php"; //If browser is IE9, cross domain synchronous won't work so we'll return true.
Session::useractive("session/login.php"); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <title>OSSIM (Open Source Security Information Management)</title> <link rel="stylesheet" type="TEXT/CSS" href="style/top.css"> <style> html,body { height:100%} </style> </head> <body marginwidth=0 marginheight=0 topmargin=0 leftmargin=0> <?php require_once 'classes/Config.inc'; $config = new Config(); $version = $config->get_conf("ossim_server_version", FALSE); // ?> <table border=0 cellpadding=0 cellspacing=0 width="100%"> <tr> <td id="ossimlogo" style="background:url('pixmaps/top/bg_header.gif') repeat-x bottom left;height:65"> <table border=0 cellpadding=0 cellspacing=0 height="65"> <tr> <td style="padding-left:10px"> <?php if (file_exists("tmp/headers/_header_logo.png")) { ?> <img src="tmp/headers/_header_logo.png" border='0' width="210" height="42"></img> <?php } else { ?>
exit; } $response = array(); $otx_username = ''; $token = POST('token'); /* VALIDATION */ ossim_valid($token, OSS_ALPHA, 'illegal:' . _("OTX auth-token")); if (ossim_error()) { $response['error'] = TRUE; $response['msg'] = ossim_get_error(); echo json_encode($response); exit; } $response['error'] = FALSE; $response['msg'] = Util::get_otx_username($token); // Some error fetching the username if ($response['msg']) { $response['error'] = TRUE; $response['msg'] = _('Unable to activate user or Invalid OTX auth-token'); } else { $conf = new Config(); $otx_username = $conf->get_conf('open_threat_exchange_username'); // If username is still empty there was an error if ($otx_username == '') { $response['error'] = TRUE; $response['msg'] = _('Unable to activate user or Invalid OTX auth-token'); } else { $response['msg'] = $otx_username; } } echo json_encode($response);
} $failed = true; $first_login = "******"; if (REQUEST('user') && trim($pass) != "") { require_once "classes/Config.inc"; $session = new Session($user, $pass, ""); $conf = new Config(); if ($accepted == "yes") { $conf->update("first_login", "no"); } $is_disabled = $session->is_disabled(); $login_return = $session->login(); $first_userlogin = $session->first_login(); $last_pass_change = $session->last_pass_change(); $login_exists = $session->login_exists(); $lockout_duration = intval($conf->get_conf("unlock_user_interval", FALSE)) * 60; $customize_wizard = intval($conf->get_conf("customize_wizard", FALSE)) ? true : false; if ($login_return != true) { $infolog = array(REQUEST('user')); $_SESSION['_user'] = ""; Log_action::log(94, $infolog); $failed = true; $bad_pass = true; $failed_retries = $conf->get_conf("failed_retries", FALSE); if ($login_exists && !$is_disabled && $lockout_duration > 0) { $_SESSION['bad_pass'][$user]++; if ($_SESSION['bad_pass'][$user] >= $failed_retries && $user != ACL_DEFAULT_OSSIM_ADMIN) { // auto-disable user $disabled = true; $session->login_disable(); }
if ($trial_days == 7) { if ($popup != '7days') { $flag_trial_popup = TRUE; $config->set($user, 'popup', '7days', 'simple', 'trial'); } } elseif ($trial_days == 2) { if ($popup != '2days') { $flag_trial_popup = TRUE; $config->set($user, 'popup', '2days', 'simple', 'trial'); } } $db->close(); } /* Track usage information */ $config = new Config(); $track_usage_information = $config->get_conf('track_usage_information'); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <title> <?php echo _("AlienVault " . ($pro ? "USM" : "OSSIM")); ?> </title> <?php //CSS Files $_files = array(array('src' => 'av_common.css?only_common=1', 'def_path' => TRUE), array('src' => 'home.css', 'def_path' => TRUE), array('src' => 'tipTip.css', 'def_path' => TRUE), array('src' => 'flexnav.css', 'def_path' => TRUE), array('src' => 'lightbox.css', 'def_path' => TRUE), array('src' => 'jquery.vex.css', 'def_path' => TRUE)); Util::print_include_files($_files, 'css'); //JS Files $_files = array(array('src' => 'jquery.min.js', 'def_path' => TRUE), array('src' => 'jquery-ui.min.js', 'def_path' => TRUE), array('src' => 'av_internet_check.js.php', 'def_path' => TRUE), array('src' => 'jquery.cookie.js', 'def_path' => TRUE), array('src' => 'jquery.json-2.2.js', 'def_path' => TRUE), array('src' => 'jquery.sparkline.js', 'def_path' => TRUE), array('src' => 'jquery.spasticNav.js', 'def_path' => TRUE), array('src' => 'jquery.flexnav.js', 'def_path' => TRUE), array('src' => 'utils.js', 'def_path' => TRUE), array('src' => 'lightbox.js', 'def_path' => TRUE), array('src' => 'purl.js', 'def_path' => TRUE), array('src' => 'jquery.tipTip.js', 'def_path' => TRUE), array('src' => 'jquery.vex.js.php', 'def_path' => TRUE), array('src' => 'av_menu.js.php', 'def_path' => TRUE), array('src' => 'desktop-notify.js', 'def_path' => TRUE), array('src' => 'notification.js', 'def_path' => TRUE), array('src' => 'av_system_notifications.js.php', 'def_path' => TRUE), array('src' => '/home/js/sidebar.js.php', 'def_path' => FALSE), array('src' => '/home/js/home.js.php', 'def_path' => FALSE));