function pluginsids_select($conn, $pid)
{
$select = '';
if ($pid != '' && $pid != '0') {
$sids = Plugin_sid::get_list($conn, "WHERE plugin_id={$pid}");
$select = "<select id='linkname' name='newlinkname' style='width:300px'>";
if (is_array($sids) && count($sids) > 0) {
foreach ($sids as $sid) {
$select .= "<option value='" . $sid->get_sid() . "##{$pid}'>" . $sid->get_name();
}
} else {
$select .= "<option value=''>" . _('No items found') . "</option>";
}
$select .= "</select>";
}
return $select;
}
/**
* Prints the html code on the output.Should be called to render the current rule
* (and all of its sub-rules) in a navigator. This method only display <tr> elements, and so
* other markups (eg <table>) must be printed in order to obtain a valid HTML
* code.
*/
function print_rule($level, &$rules)
{
global $conn;
list($id_dir, $id_rule, $id_father) = explode("-", $this->id);
$newid = new_id($this->id, &$rules);
$newlevel = $this->level + 1;
$ilevel = $this->level;
$directive_id = $_GET['directive'];
if ($this->level <= $level) {
if ($this->is_new()) {
?>
<tr bgcolor="f48222"><?php
} elseif ($level - $ilevel == 0) {
?>
<tr bgcolor="#ffffff"><?php
} elseif ($level - $ilevel == 1) {
?>
<tr bgcolor="#CCCCCC"><?php
} elseif ($level - $ilevel == 2) {
?>
<tr bgcolor="#999999"><?php
} elseif ($level - $ilevel == 3) {
?>
<tr bgcolor="#9999CC"><?php
} elseif ($level - $ilevel == 4) {
?>
<tr bgcolor="#6699CC"><?php
}
if ($ilevel - 1 != 0) {
?>
<td bgcolor="#ffffff" colspan=<?php
echo $ilevel - 1;
?>
>
</td>
<?php
}
?>
<td class="left" colspan=<?php
echo $level - $ilevel + 1;
?>
>
<?php
if (isset($_SESSION['rule'])) {
$newrule = unserialize($_SESSION['rule']);
list($id_dir2, $id_rule2, $id_father2) = explode("-", $newrule->id);
if ($id_father2 == $id_rule && $id_dir2 == $id_dir) {
$this->nb_child = $this->nb_child + 1;
}
}
if ($level - $ilevel == 0 && $this->nb_child > 0) {
?>
<a TARGET ="right" href="../viewer/index.php?directive=<?php
echo $directive_id;
?>
&level=<?php
echo $level + 1;
?>
"><img border="0" src="../viewer/img/fleched.gif"></a>
<?php
} elseif ($this->nb_child > 0) {
?>
<a TARGET ="right" href="../viewer/index.php?directive=<?php
echo $directive_id;
?>
&level=<?php
echo $ilevel;
?>
"><img border="0" src="../viewer/img/flecheb.gif"></a>
<?php
}
?>
</td>
<?php
if ($ilevel + 1 > $level) {
$newlev = $ilevel + 1;
} else {
$newlev = $level;
}
if ($level > 1) {
$uplevel = $level - 1;
} else {
$uplevel = 1;
}
//addRule button
if (!$this->is_new()) {
print '<td>';
print "<a TARGET=\"right\" href=\"../include/utils.php?query=add_rule&id=" . $newid . "\" TITLE=\"" . gettext("Add a rule") . "\">+</a>";
print '</td>';
//removeRule button
print '<td>';
print "<a onclick=\"javascript:if (confirm('" . gettext("Are you sure you want to delete this rule ?") . "')) { window.open('../include/utils.php?query=del_rule&id=" . $this->id . "','right'); }\" style=\"marging-left:20px; cursor:pointer\" TITLE=\"" . gettext("Delete this rule") . "\">x</a>";
print '</td>';
//left button
print '<td>';
print "<a TARGET=\"right\" href=\"../include/utils.php?query=move&direction=left&id=" . $this->id . "\">←</a>";
print '</td>';
//right button
print '<td>';
print "<a TARGET=\"right\" href=\"../include/utils.php?query=move&direction=right&id=" . $this->id . "\">→</a>";
print '</td>';
//up button
print '<td>';
print "<a TARGET=\"right\" href=\"../include/utils.php?query=move&direction=up&id=" . $this->id . "\">↑</a>";
print '</td>';
//down button
print '<td>';
print "<a TARGET=\"right\" href=\"../include/utils.php?query=move&direction=down&id=" . $this->id . "\">↓</a>";
print '</td>';
} else {
print '<td>     </td>';
print '<td>';
print "<a TARGET=\"right\" href=\"../include/utils.php?query=del_new_rule&level=" . $uplevel . "\" TITLE=\"Delete this rule.\">-</a>";
print '</td>';
for ($i = 0; $i < 4; $i++) {
print '<td>     </td>';
}
}
if ($this->is_new()) {
?>
<td><a TARGET="right" href="../include/utils.php?query=add_rule&id=<?php
echo $this->id;
?>
&level=<?php
echo $this->level;
?>
" TITLE="<?php
echo gettext("Click to modify this rule");
?>
"><?php
echo $this->name;
?>
</a></td>
<?php
} else {
?>
<td><a TARGET="right" href="../include/utils.php?query=edit_rule&id=<?php
echo $this->id;
?>
" TITLE="<?php
echo gettext("Click to modify this rule");
?>
"><?php
echo $this->name;
?>
</a></td>
<?php
}
?>
<td><?php
echo $this->reliability;
?>
</td>
<td><?php
echo $this->time_out;
?>
</td>
<td><?php
echo $this->occurrence;
?>
</td>
<td><?php
echo $this->from;
?>
</td>
<td><?php
echo $this->to;
?>
</td>
<td><?php
echo $this->port_from;
?>
</td>
<td><?php
echo $this->port_to;
?>
</td>
<td><?php
echo $this->sensor;
?>
</td>
<td>
<?php
if ($this->plugin_id != "") {
$plugin_id = $this->plugin_id;
if ($plugin_list = Plugin::get_list($conn, "WHERE id = {$plugin_id}")) {
$name = $plugin_list[0]->get_name();
echo "<a href=\"../../conf/pluginsid.php?id={$plugin_id}&" . "name={$name}\">{$name}</a> ({$plugin_id})";
}
}
?>
</td>
<td>
<?php
if ($this->plugin_id != "") {
$plugin_sid = $this->plugin_sid;
$plugin_sid_list = split(',', $plugin_sid);
if (count($plugin_sid_list) > 30) {
?>
<a style="cursor:pointer;" TITLE="<?php
echo gettext("To view or hide the list of plugin sid click here");
?>
" onclick="Menus('plugsid')"> <?php
echo gettext("Expand / Collapse");
?>
</a>
<div id="plugsid" class="menuhide">
<?php
}
foreach ($plugin_sid_list as $sid_negate) {
$sid = $sid_negate;
if (!strncmp($sid_negate, "!", 1)) {
$sid = substr($sid_negate, 1);
}
/* sid == ANY */
if (!strcmp($sid, "ANY")) {
echo gettext("ANY");
} elseif (strpos($sid, "PLUGIN_SID")) {
echo gettext("{$sid}");
} elseif ($plugin_list = Plugin_sid::get_list($conn, "WHERE plugin_id = {$plugin_id} AND sid = {$sid}")) {
$name = $plugin_list[0]->get_name();
echo "<a title=\"{$name}\">{$sid_negate}</a> ";
} else {
echo "<a title=\"" . gettext("Invalid plugin sid") . "\" style=\"color:red\">{$sid_negate}</a> ";
}
}
if (count($plugin_sid_list) > 30) {
?>
</div>
<?php
}
}
?>
</td>
</tr>
<?php
}
}
if ($plugin->get_sid() == $sid1) {
echo " selected='selected'";
}
?>
><?php
echo preg_replace("/(.............................).*/", "\\1[...]", $plugin->get_name());
?>
<?php
}
?>
</select>
</td>
<td id="sid2" class="nobborder" style="text-align:center;padding:20px">
<?php
$plugin_list = Plugin_sid::get_list($conn, "WHERE plugin_id={$id2} ORDER BY name", 0);
?>
<?php
echo _('Reference SID');
?>
:
<select id="sidajax2" onchange="document.frules.plugin_sid2.value=this.value">
<option value=""><?php
echo _('Select Reference SID');
?>
<?php
foreach ($plugin_list as $plugin) {
?>
<option value="<?php
echo $plugin->get_sid();
?>
ossim_valid($rel, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("rel"));
ossim_valid($category, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("category"));
ossim_valid($subcategory, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("subcategory"));
if (ossim_error()) {
die(ossim_error());
}
if (GET('modify') != "") {
Plugin_sid::update($conn, $plugin_id, $plugin_sid, $prio, $rel, $category, $subcategory);
Util::memcacheFlush();
?>
<script type="text/javascript">parent.GB_close();</script><?php
}
// Category
$list_categories = Category::get_list($conn);
// Plugin sid data
$plugins = Plugin_sid::get_list($conn, "WHERE plugin_id={$plugin_id} AND sid={$plugin_sid}");
$plugin = $plugins[0];
$error_message = "";
if (!isset($plugins[0])) {
$error_message = _("Plugin id or plugin sid doesn't exist");
} else {
$rel = $plugin->get_reliability();
$prio = $plugin->get_priority();
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link rel="stylesheet" href="../style/av_common.css?t=<?php
echo Util::get_css_id();
?>
$sids = explode(",", $sids);
$range = "";
$sin = array();
foreach ($sids as $sid) {
if (preg_match("/(\\d+)-(\\d+)/", $sid, $found)) {
$range .= " OR (sid BETWEEN " . $found[1] . " AND " . $found[2] . ")";
} else {
$sin[] = $sid;
}
}
if (count($sin) > 0) {
$where = "sid in (" . implode(",", $sin) . ") {$range}";
} else {
$where = preg_replace("/^ OR /", "", $range);
}
$plugin_list = Plugin_sid::get_list($conn, "WHERE plugin_id={$id} AND ({$where})");
foreach ($plugin_list as $plugin) {
$id = $plugin->get_sid();
$name = "{$id} - " . trim($plugin->get_name());
if (strlen($name) > 73) {
$name = substr($name, 0, 70) . "...";
}
echo "<option value='{$id}' selected>{$name}</option>\n";
}
}
?>
</select><br><span id="msg"></span><br><br>
<input type="button" class="button" onclick="makesel()" value="Submit selection">
</form>
</body>
</html>
function rule_table($dom, $directive_id, $directive, $level, $ilevel)
{
global $conn;
if ($directive->has_child_nodes()) {
$rules = $directive->child_nodes();
$branch = 0;
foreach ($rules as $rule) {
if ($rule->type == XML_ELEMENT_NODE && $rule->tagname() == 'rule') {
if ($ilevel != $level) {
$indent = "<td colspan=" . ($ilevel - $level) . ">";
} else {
$indent = '';
}
if ($level == 1) {
?>
<tr><?php
echo $indent;
} elseif ($level == 2) {
?>
<tr bgcolor="#CCCCCC"><?php
echo $indent;
} elseif ($level == 3) {
?>
<tr bgcolor="#999999"><?php
echo $indent;
} elseif ($level == 4) {
?>
<tr bgcolor="#9999CC"><?php
echo $indent;
} elseif ($level == 5) {
?>
<tr bgcolor="#6699CC"><?php
echo $indent;
}
?>
<!-- expand -->
<td class="left" colspan=<?php
echo $level;
?>
>
<?php
if ($level == 1 && $rule->has_child_nodes()) {
?>
<a href="<?php
echo $_SERVER["SCRIPT_NAME"];
?>
?directive=<?php
echo $directive_id;
?>
&level=<?php
echo $ilevel + 1;
?>
"><?php
echo "+";
?>
</a>
<?php
} elseif ($rule->has_child_nodes()) {
?>
<a href="<?php
echo $_SERVER["SCRIPT_NAME"];
?>
?directive=<?php
echo $directive_id;
?>
&level=<?php
echo $ilevel - $level + 1;
?>
"><?php
echo '-';
?>
</a>
<?php
}
?>
</td>
<!-- end expand -->
<td><?php
echo $rule->get_attribute('name');
?>
</td>
<td><?php
echo $rule->get_attribute('reliability');
?>
</td>
<td><?php
echo $rule->get_attribute('time_out');
?>
</td>
<td><?php
echo $rule->get_attribute('occurrence');
?>
</td>
<td><?php
echo $rule->get_attribute('from');
?>
</td>
<td><?php
echo $rule->get_attribute('to');
?>
</td>
<td><?php
echo $rule->get_attribute('port_from');
?>
</td>
<td><?php
echo $rule->get_attribute('port_to');
?>
</td>
<td><?php
echo $rule->get_attribute('sensor');
?>
</td>
<td>
<?php
$plugin_id = $rule->get_attribute('plugin_id');
if ($plugin_list = Plugin::get_list($conn, "WHERE id = {$plugin_id}")) {
$name = $plugin_list[0]->get_name();
echo "<a href=\"../conf/pluginsid.php?id={$plugin_id}&" . "name={$name}\">{$name}</a> ({$plugin_id})";
}
?>
</td>
<td>
<?php
$plugin_sid = $rule->get_attribute('plugin_sid');
$plugin_sid_list = split(',', $plugin_sid);
if (count($plugin_sid_list) > 30) {
?>
<a style="cursor:hand;" TITLE="To view or hide the list of plugin sid click here." onclick="Menus('plugsid')"> <?php
echo gettext("Expand / Collapse");
?>
</a>
<div id="plugsid" class="menucache">
<?php
}
foreach ($plugin_sid_list as $sid_negate) {
$sid = $sid_negate;
if (!strncmp($sid_negate, "!", 1)) {
$sid = substr($sid_negate, 1);
}
/* sid == ANY */
if (!strcmp($sid, "ANY")) {
echo gettext("ANY");
} elseif (strpos($sid, "PLUGIN_SID")) {
echo gettext("{$sid}");
} elseif ($plugin_list = Plugin_sid::get_list($conn, "WHERE plugin_id = {$plugin_id} AND sid = {$sid}")) {
$name = $plugin_list[0]->get_name();
echo "<a title=\"{$name}\">{$sid_negate}</a> ";
}
}
if (count($plugin_sid_list) > 30) {
?>
</div>
<?php
}
?>
</td>
</tr>
<?php
if ($level > 1) {
if ($rule->has_child_nodes()) {
$rules = $rule->child_nodes();
foreach ($rules as $rule) {
rule_table($dom, $directive_id, $rule, $level - 1, $ilevel);
}
}
}
$branch++;
}
}
/* foreach */
}
}
function getPluginSidList($plugin_id, $req)
{
global $conn;
if ($plugin_sid_list = Plugin_sid::get_list($conn, 'WHERE plugin_id = ' . $plugin_id . ' ' . $req)) {
return $plugin_sid_list;
}
return '';
}
<?php
}
foreach ($plugin_sid_list as $sid_negate) {
$sid = $sid_negate;
if (!strncmp($sid_negate, "!", 1)) {
$sid = substr($sid_negate, 1);
}
/* sid == ANY */
if (!strcmp($sid, "ANY")) {
echo gettext("ANY");
} elseif (strpos($sid, "PLUGIN_SID")) {
echo gettext("{$sid_negate}");
} elseif (preg_match("/^\\d+\$/", $rule->plugin_id) && ($plugin_list = Plugin_sid::get_list($conn, "WHERE plugin_id = " . $rule->plugin_id . " AND sid = {$sid}"))) {
$name = $plugin_list[0]->get_name();
echo "<a title=\"" . str_replace("\"", "'", $name) . "\" class=\"info\"><b>{$sid_negate}</b></a> ";
} elseif ($rule->product && ($plugin_list = Plugin_sid::get_list($conn, "WHERE plugin_id IN (SELECT id FROM plugin WHERE product_type IN (" . $rule->product . ")) AND sid = {$sid}"))) {
$name = $plugin_list[0]->get_name();
echo "<a title=\"" . str_replace("\"", "'", $name) . "\" class=\"info\"><b>{$sid_negate}</b></a> ";
} else {
echo "<a title=\"" . gettext("Invalid plugin sid") . "\" style=\"color:red\" class=\"info\">{$sid_negate}</a> ";
}
}
if (count($plugin_sid_list) > 30) {
?>
</div>
<?php
}
} elseif ($rule->category) {
// Can not redeclare class Category. Must do queries...
$query = "SELECT name FROM category WHERE id = " . $rule->category;
$rs = $conn->Execute($query);
$order = "sid";
}
$where = "WHERE sid <> 20000000 AND sid <> 2000000000 AND plugin_id = {$id}";
if (!empty($search) && !empty($field)) {
if ($field == "category_id") {
$pids = Plugin_sid::GetPluginSidsByCategory($conn, $id, $search, $subcategory_id);
$plugin_list = implode(",", $pids);
$where .= " AND sid in ({$plugin_list})";
} else {
$where .= " AND {$field} like '%" . $search . "%'";
}
}
$start = ($page - 1) * $rp;
$limit = "LIMIT {$start}, {$rp}";
$xml = "";
if ($plugin_list = Plugin_sid::get_list($conn, "{$where} ORDER BY {$order} {$limit}")) {
$total = $plugin_list[0]->get_foundrows();
if ($total == 0) {
$total = count($plugin_list);
}
$xml .= "<rows>\n";
$xml .= "<page>{$page}</page>\n";
$xml .= "<total>{$total}</total>\n";
foreach ($plugin_list as $plugin) {
$id = $plugin->get_plugin_id();
$sid = $plugin->get_sid();
$name = $plugin->get_name();
$xml .= "<row id='{$sid}'>";
$xml .= "<cell><![CDATA[" . $id . "]]></cell>";
$xml .= "<cell><![CDATA[" . $sid . "]]></cell>";
// translate category id
$range = "";
$sin = array();
foreach ($sids as $sid) {
if (preg_match("/(\\d+)-(\\d+)/", $sid, $found)) {
$range .= " OR (sid BETWEEN " . $found[1] . " AND " . $found[2] . ")";
} else {
$sin[] = $sid;
}
}
if (count($sin) > 0) {
$where = "sid in (" . implode(",", $sin) . ") {$range}";
} else {
$where = preg_replace("/^ OR /", "", $range);
}
$plugin_id_list = $product_type ? get_plugin_list($conn, $product_type) : $rule->plugin_id;
$w = $plugin_id_list != "" ? "plugin_id in (" . $plugin_id_list . ")" : "1=1";
$plugin_list = Plugin_sid::get_list($conn, "WHERE {$w} AND ({$where})");
foreach ($plugin_list as $plugin) {
$id_plugin = $plugin->get_sid();
$name = "{$id_plugin} - " . trim($plugin->get_name());
if (strlen($name) > 73) {
$name = substr($name, 0, 70) . "...";
}
$options .= "<option value='{$id_plugin}' selected>{$name}</option>\n";
}
}
$options .= "</select><br><br><span id='msg'></span><br><br>";
$response['error'] = false;
$response['data'] = $options;
echo json_encode($response);
$db->close($conn);
$sids = explode(",", $rule->plugin_sid);
$range = "";
$sin = array();
foreach ($sids as $sid) {
if (preg_match("/(\\d+)-(\\d+)/", $sid, $found)) {
$range .= " OR (sid BETWEEN " . $found[1] . " AND " . $found[2] . ")";
} else {
$sin[] = $sid;
}
}
if (count($sin) > 0) {
$where = "sid in (" . implode(",", $sin) . ") {$range}";
} else {
$where = preg_replace("/^ OR /", "", $range);
}
$plugin_list = Plugin_sid::get_list($conn, "WHERE plugin_id=" . $rule->plugin_id . " AND ({$where})");
foreach ($plugin_list as $plugin) {
$id_plugin = $plugin->get_sid();
$name = "{$id_plugin} - " . trim($plugin->get_name());
if (strlen($name) > 73) {
$name = substr($name, 0, 70) . "...";
}
echo "<option value='{$id_plugin}' selected>{$name}</option>\n";
}
}
?>
</select>
</td>
</tr>
</table>
</td>
</th>
<th><?php
echo _("Name");
?>
</th>
<th><?php
echo _("R");
?>
</th>
<th><?php
echo _("P");
?>
</th>
</tr>
<?php
$sid_list = Plugin_sid::get_list($conn, "WHERE plugin_id={$id}");
$i = 0;
foreach ($sid_list as $sid) {
$bgcolor = $i++ % 2 == 0 ? "bgcolor='#eeeeee'" : "";
?>
<tr <?php
echo $bgcolor;
?>
>
<td class="noborder"><input type="checkbox" value="<?php
echo $sid->get_sid();
?>
" onclick="uncheckall()" name="sid<?php
echo $i;
?>
" <?php
require_once 'classes/Security.inc';
require_once 'classes/Compliance.inc';
require_once 'classes/Plugin_sid.inc';
require_once 'ossim_db.inc';
require_once 'ossim_conf.inc';
$db = new ossim_db();
$conn = $db->connect();
$ref = explode("_", GET('ref'));
$is_pci = GET('pci') != "" ? 1 : 0;
$groups = $is_pci ? PCI::get_groups($conn) : ISO27001::get_groups($conn);
$sids = $groups[$ref[0]]['subgroups'][$ref[1]]['SIDSS_Ref'];
ossim_valid($sids, OSS_DIGIT, ',', 'illegal:' . _("sids"));
if (ossim_error()) {
die(ossim_error());
}
$plugin_list = Plugin_sid::get_list($conn, "WHERE plugin_id = 1505 AND sid in ({$sids})");
if (count($plugin_list) > 0) {
?>
<table width="100%" align="center">
<?php
foreach ($plugin_list as $p) {
?>
<tr><td><?php
echo $p->get_name();
?>
</td></tr>
<?php
}
?>
</table>
<?php
<td valign="top" class="nobborder">
<?php
if ($link_type == "directive") {
?>
<input type="text" name="newlinkname" style='width:99%'/>
<?php
} elseif ($link_type == "plugin_sid") {
$plugins = Plugin::get_list($conn, "ORDER BY name");
echo "<select name='pid' onchange='document.flinks.submit()'>";
foreach ($plugins as $plugin) {
$sel = $plugin->get_id() == $pid ? "selected='selected'" : "";
echo "<option value='" . $plugin->get_id() . "' {$sel}>" . $plugin->get_name();
}
echo "</select><br>";
if ($pid != "" && $pid != "0") {
$sids = Plugin_sid::get_list($conn, "where plugin_id={$pid}");
echo "<select name='newlinkname' style='width:200px; margin-top:5px;'>";
foreach ($sids as $sid) {
echo "<option value='" . $sid->get_sid() . "####{$pid}'>" . $sid->get_name();
}
echo "</select>";
}
} else {
?>
<select name="newlinkname" style="width:300px">
<?php
foreach ($hostnet_list as $hostnet) {
?>
<option value="<?php
echo $hostnet['name'];
?>
if ($product_type == "null") {
$product_type = "";
}
if ($plugin_id < 1) {
$plugin_id = "";
}
ossim_valid($plugin_id, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("ID"));
ossim_valid($q, OSS_TEXT, OSS_NULLABLE);
ossim_valid($product_type, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("Product Type"));
if (ossim_error()) {
return false;
}
$db = new ossim_db();
$conn = $db->connect();
$more = "";
if ($q != "") {
$more = preg_match("/^\\d+\$/", $q) ? "AND sid like '{$q}%'" : "AND name like '%{$q}%'";
}
$plugin_id_list = $product_type ? get_plugin_list($conn, $product_type) : $plugin_id;
$w = $plugin_id_list != "" ? "plugin_id in (" . $plugin_id_list . ")" : "1=1";
$plugin_list = Plugin_sid::get_list($conn, "WHERE {$w} {$more} ORDER BY plugin_id, sid LIMIT 150");
if ($plugin_list[0]->foundrows > 150) {
echo "Total=" . $plugin_list[0]->foundrows . "\n";
}
foreach ($plugin_list as $plugin) {
$id = $plugin->get_sid();
$name = "{$id} - " . trim($plugin->get_name());
//if (strlen($name)>73) $name=substr($name,0,70)."...";
echo "{$id}={$name}\n";
}
$db->close($conn);
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
Session::logcheck("configuration-menu", "PluginGroups");
$plugin_id = GET('plugin_id');
$q = urldecode(GET('q'));
ossim_valid($plugin_id, OSS_DIGIT, 'illegal:' . _("ID"));
ossim_valid($q, OSS_TEXT, OSS_NULLABLE);
if (ossim_error()) {
return false;
}
$q = addslashes($q);
$db = new ossim_db();
$conn = $db->connect();
$more = "";
if ($q != "") {
$more = preg_match("/^\\d+\$/", $q) ? "AND sid like '{$q}%'" : "AND name like '%{$q}%'";
}
$plugin_list = Plugin_sid::get_list($conn, "WHERE plugin_id={$plugin_id} {$more} ORDER BY sid LIMIT 150");
if ($plugin_list[0]->foundrows > 150) {
echo "Total=" . $plugin_list[0]->foundrows . "\n";
}
foreach ($plugin_list as $plugin) {
$id = $plugin->get_sid();
$name = "{$id} - " . trim($plugin->get_name());
//if (strlen($name)>73) $name=substr($name,0,70)."...";
echo "{$id}={$name}\n";
}
$db->close();
//$rep_src_bgcolor = Reputation::getrepbgcolor($event_info["rep_prio_src"]);
$rep_dst_icon = Reputation::getrepimg($event_info["rep_prio_dst"], $event_info["rep_rel_dst"], $event_info["rep_act_dst"], $s_dst_ip);
//$rep_dst_bgcolor = Reputation::getrepbgcolor($event_info["rep_prio_dst"]);
$c_src_homelan = $homelan_src ? 'bold alarm_netlookup' : '';
$source_link = $src_img . " <a href='{$s_src_link}' class='{$c_src_homelan}' data-title='{$s_src_ip}-{$ctx_src}' title='{$s_src_ip}'>" . $s_src_name . $s_src_port . "</a> {$rep_src_icon}";
$source_balloon = "<div id='" . $s_src_ip . ";" . $s_src_name . ";" . $event_info["src_host"] . "' ctx='{$ctx}' id2='" . $s_src_ip . ";" . $s_dst_ip . "' class='HostReportMenu'>";
$source_balloon .= $source_link;
$source_balloon .= "</div>";
$c_dst_homelan = $homelan_dst ? 'bold alarm_netlookup' : '';
$dest_link = $dst_img . " <a href='{$s_dst_link}' class='{$c_dst_homelan}' data-title='{$s_dst_ip}-{$ctx_dst}' title='{$s_dst_ip}'>" . $s_dst_name . $s_dst_port . "</a> {$rep_dst_icon}";
$dest_balloon = "<div id='" . $s_dst_ip . ";" . $s_dst_name . ";" . $event_info["dst_host"] . "' ctx='{$ctx}' id2='" . $s_dst_ip . ";" . $s_src_ip . "' class='HostReportMenu'>";
$dest_balloon .= $dest_link;
$dest_balloon .= "</div>";
// $selection_array[$group_id][$child_number] = $s_backlog_id . "-" . $s_event_id;
$s_sid_name = "";
if ($s_plugin_sid_list = Plugin_sid::get_list($conn, "WHERE plugin_id = {$s_id} AND sid = {$s_sid}")) {
$s_sid_name = $s_plugin_sid_list[0]->get_name();
$s_sid_priority = $s_plugin_sid_list[0]->get_priority();
} else {
$s_sid_name = "Unknown (id={$s_id} sid={$s_sid})";
$s_sid_priority = "N/A";
}
$s_last = Util::timestamp2date($s_alarm->get_last());
$timestamp_utc = Util::get_utc_unixtime($s_last);
$s_last = gmdate("Y-m-d H:i:s", $timestamp_utc + 3600 * $tz);
$s_event_count = Alarm::get_total_events($conn, $s_backlog_id);
$aux_date = Util::timestamp2date($s_alarm->get_timestamp());
$timestamp_utc = Util::get_utc_unixtime($s_alarm->get_timestamp());
$s_date = gmdate("Y-m-d H:i:s", $timestamp_utc + 3600 * $tz);
if ($s_backlog_id && $s_id == 1505 && $s_event_count > 0) {
$aux_date = Util::timestamp2date($s_alarm->get_since());
$sids_keys[$newsid] = true;
$sids_str = preg_replace("/^\\,|\\,\$/", "", implode(",", array_keys($sids_keys)));
$table = $groups[$ref[0]]['subgroups'][$ref[1]]['table'];
if ($pci) {
PCI::update_sids($conn, $table, $ref[1], $sids_str);
} else {
ISO27001::update_sids($conn, $table, $ref[1], $sids_str);
}
}
}
$groups = $pci ? PCI::get_groups($conn) : ISO27001::get_groups($conn);
}
$sids = $groups[$ref[0]]['subgroups'][$ref[1]]['SIDSS_Ref'];
$title = $groups[$ref[0]]['subgroups'][$ref[1]]['Security_controls'];
$sids_keys = get_sids($sids);
$directives = Plugin_sid::get_list($conn, "WHERE plugin_id=1505");
?>
<html>
<head>
<title> <?php
echo gettext("OSSIM Framework");
?>
- <?php
echo _("Compliance");
?>
</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<link rel="stylesheet" type="text/css" href="../style/style.css"/>
<script src="../js/jquery-1.3.2.min.js" language="javascript" type="text/javascript"></script>
</head>