$user = Session::get_session_user();
require_once 'ossim_db.inc';
$db1 = new ossim_db();
$conn1 = $db1->connect();
tmp_insert($conn1, "PCI.R01_FW_Config");
tmp_insert($conn1, "PCI.R02_Vendor_default");
tmp_insert($conn1, "PCI.R03_Stored_cardholder");
tmp_insert($conn1, "PCI.R04_Data_encryption");
tmp_insert($conn1, "PCI.R05_Antivirus");
tmp_insert($conn1, "PCI.R06_System_app");
tmp_insert($conn1, "PCI.R07_Access_control");
tmp_insert($conn1, "PCI.R08_UniqueID");
tmp_insert($conn1, "PCI.R09_Physical_Access");
tmp_insert($conn1, "PCI.R10_Monitoring");
tmp_insert($conn1, "PCI.R11_Security_test");
tmp_insert($conn1, "PCI.R12_IS_Policy");
$sql = "SELECT * FROM ( SELECT * FROM\n(select 'R1 Firewall Config','R01_FW_Config', count(*) as volume from datawarehouse.ssi_user a where\na.sid in (SELECT sid from datawarehouse.tmp_user WHERE user='******' and section='R01_FW_Config') AND a.user='******' AND " . $sql_year . " ) AS A5\nUNION SELECT * FROM\n(select 'R2 Vendor Default','R02_Vendor_default', count(*) as volume from datawarehouse.ssi_user a where\na.sid in (SELECT sid from datawarehouse.tmp_user WHERE user='******' and section='R02_Vendor_default') AND a.user='******' AND " . $sql_year . " ) AS A6\nUNION SELECT * FROM\n(select 'R3 Stored Cardholder','R03_Stored_cardholder', count(*) as volume from datawarehouse.ssi_user a where\na.sid in (SELECT sid from datawarehouse.tmp_user WHERE user='******' and section='R03_Stored_cardholder') AND a.user='******' AND " . $sql_year . " ) AS A7\nUNION SELECT * FROM\n(select 'R4 Data Encryption','R04_Data_encryption', count(*) as volume from datawarehouse.ssi_user a where\na.sid in (SELECT sid from datawarehouse.tmp_user WHERE user='******' and section='R04_Data_encryption') AND a.user='******' AND " . $sql_year . " ) AS A8\nUNION SELECT * FROM\n(select 'R5 Antivirus','R05_Antivirus', count(*) as volume from datawarehouse.ssi_user a where\na.sid in (SELECT sid from datawarehouse.tmp_user WHERE user='******' and section='R05_Antivirus') AND a.user='******' AND " . $sql_year . " ) AS A9\nUNION SELECT * FROM\n(select 'R6 System Appplication','R06_System_app', count(*) as volume from datawarehouse.ssi_user a where\na.sid in (SELECT sid from datawarehouse.tmp_user WHERE user='******' and section='R06_System_app') AND a.user='******' AND " . $sql_year . " ) AS A10\nUNION SELECT * FROM\n(select 'R7 Access Control','R07_Access_control', count(*) as volume from datawarehouse.ssi_user a where\na.sid in (SELECT sid from datawarehouse.tmp_user WHERE user='******' and section='R07_Access_control') AND a.user='******' AND " . $sql_year . " ) AS A11\nUNION SELECT * FROM\n(select 'R8 Unique ID','R08_UniqueID', count(*) as volume from datawarehouse.ssi_user a where\na.sid in (SELECT sid from datawarehouse.tmp_user WHERE user='******' and section='R08_UniqueID') AND a.user='******' AND " . $sql_year . " ) AS A12\nUNION SELECT * FROM\n(select 'R9 Physical Access','R09_Physical_Access', count(*) as volume from datawarehouse.ssi_user a where\na.sid in (SELECT sid from datawarehouse.tmp_user WHERE user='******' and section='R09_Physical_Access') AND a.user='******' AND " . $sql_year . " ) AS A13\nUNION SELECT * FROM\n(select 'R10 Monitoring','R10_Monitoring', count(*) as volume from datawarehouse.ssi_user a where\na.sid in (SELECT sid from datawarehouse.tmp_user WHERE user='******' and section='R10_Monitoring') AND a.user='******' AND " . $sql_year . " ) AS A14\nUNION SELECT * FROM\n(select 'R11 Security Tests','R11_Security_test', count(*) as volume from datawarehouse.ssi_user a where\na.sid in (SELECT sid from datawarehouse.tmp_user WHERE user='******' and section='R11_Security_test') AND a.user='******' AND " . $sql_year . " ) AS A15\nUNION SELECT * FROM\n(select 'R12 IS Policy','R12_IS_Policy', count(*) as volume from datawarehouse.ssi_user a where\na.sid in (SELECT sid from datawarehouse.tmp_user WHERE user='******' and section='R12_IS_Policy') AND a.user='******' AND " . $sql_year . " ) AS A15\n) AS alliso;";
if (!($rs =& $conn1->Execute($sql))) {
print $conn1->ErrorMsg();
}
$var_dss = array();
while (!$rs->EOF) {
$var1 = $rs->fields[0];
$var2 = $rs->fields[1];
$var3 = $rs->fields["volume"];
$var_dss[] = array('var1' => $var1, 'var2' => $var2, 'var3' => $var3);
$rs->MoveNext();
}
$db1->close($conn1);
// define colors
define('COLOR1', '#D6302C');
$htmlPdfReport->set($htmlPdfReport->newTitle($title, "", "", null));
$htmlPdfReport->set('<table align="center" width="750" cellpadding="0" cellspacing="0"><tr><td>' . _('Database not found') . ': PCI' . $pci_version . '</td></tr></table><br/><br/>');
$db1->close();
} else {
tmp_insert($conn1, "PCI{$pci_version}.R01_FW_Config");
tmp_insert($conn1, "PCI{$pci_version}.R02_Vendor_default");
tmp_insert($conn1, "PCI{$pci_version}.R03_Stored_cardholder");
tmp_insert($conn1, "PCI{$pci_version}.R04_Data_encryption");
tmp_insert($conn1, "PCI{$pci_version}.R05_Antivirus");
tmp_insert($conn1, "PCI{$pci_version}.R06_System_app");
tmp_insert($conn1, "PCI{$pci_version}.R07_Access_control");
tmp_insert($conn1, "PCI{$pci_version}.R08_UniqueID");
tmp_insert($conn1, "PCI{$pci_version}.R09_Physical_Access");
tmp_insert($conn1, "PCI{$pci_version}.R10_Monitoring");
tmp_insert($conn1, "PCI{$pci_version}.R11_Security_test");
tmp_insert($conn1, "PCI{$pci_version}.R12_IS_Policy");
$sql = "SELECT * FROM ( SELECT * FROM\n (select 'R1 Firewall Config','R01_FW_Config', count(*) as volume from datawarehouse.ssi_user a where\n a.sid in (SELECT sid from datawarehouse.tmp_user WHERE user='******' and section='R01_FW_Config') AND a.user='******' AND " . $sql_year . " ) AS A5\n UNION SELECT * FROM\n (select 'R2 Vendor Default','R02_Vendor_default', count(*) as volume from datawarehouse.ssi_user a where\n a.sid in (SELECT sid from datawarehouse.tmp_user WHERE user='******' and section='R02_Vendor_default') AND a.user='******' AND " . $sql_year . " ) AS A6\n UNION SELECT * FROM\n (select 'R3 Stored Cardholder','R03_Stored_cardholder', count(*) as volume from datawarehouse.ssi_user a where\n a.sid in (SELECT sid from datawarehouse.tmp_user WHERE user='******' and section='R03_Stored_cardholder') AND a.user='******' AND " . $sql_year . " ) AS A7\n UNION SELECT * FROM\n (select 'R4 Data Encryption','R04_Data_encryption', count(*) as volume from datawarehouse.ssi_user a where\n a.sid in (SELECT sid from datawarehouse.tmp_user WHERE user='******' and section='R04_Data_encryption') AND a.user='******' AND " . $sql_year . " ) AS A8\n UNION SELECT * FROM\n (select 'R5 Antivirus','R05_Antivirus', count(*) as volume from datawarehouse.ssi_user a where\n a.sid in (SELECT sid from datawarehouse.tmp_user WHERE user='******' and section='R05_Antivirus') AND a.user='******' AND " . $sql_year . " ) AS A9\n UNION SELECT * FROM\n (select 'R6 System Appplication','R06_System_app', count(*) as volume from datawarehouse.ssi_user a where\n a.sid in (SELECT sid from datawarehouse.tmp_user WHERE user='******' and section='R06_System_app') AND a.user='******' AND " . $sql_year . " ) AS A10\n UNION SELECT * FROM\n (select 'R7 Access Control','R07_Access_control', count(*) as volume from datawarehouse.ssi_user a where\n a.sid in (SELECT sid from datawarehouse.tmp_user WHERE user='******' and section='R07_Access_control') AND a.user='******' AND " . $sql_year . " ) AS A11\n UNION SELECT * FROM\n (select 'R8 Unique ID','R08_UniqueID', count(*) as volume from datawarehouse.ssi_user a where\n a.sid in (SELECT sid from datawarehouse.tmp_user WHERE user='******' and section='R08_UniqueID') AND a.user='******' AND " . $sql_year . " ) AS A12\n UNION SELECT * FROM\n (select 'R9 Physical Access','R09_Physical_Access', count(*) as volume from datawarehouse.ssi_user a where\n a.sid in (SELECT sid from datawarehouse.tmp_user WHERE user='******' and section='R09_Physical_Access') AND a.user='******' AND " . $sql_year . " ) AS A13\n UNION SELECT * FROM\n (select 'R10 Monitoring','R10_Monitoring', count(*) as volume from datawarehouse.ssi_user a where\n a.sid in (SELECT sid from datawarehouse.tmp_user WHERE user='******' and section='R10_Monitoring') AND a.user='******' AND " . $sql_year . " ) AS A14\n UNION SELECT * FROM\n (select 'R11 Security Tests','R11_Security_test', count(*) as volume from datawarehouse.ssi_user a where\n a.sid in (SELECT sid from datawarehouse.tmp_user WHERE user='******' and section='R11_Security_test') AND a.user='******' AND " . $sql_year . " ) AS A15\n UNION SELECT * FROM\n (select 'R12 IS Policy','R12_IS_Policy', count(*) as volume from datawarehouse.ssi_user a where\n a.sid in (SELECT sid from datawarehouse.tmp_user WHERE user='******' and section='R12_IS_Policy') AND a.user='******' AND " . $sql_year . " ) AS A15\n ) AS alliso;";
$rs = $conn1->Execute($sql);
if (!$rs) {
print $conn1->ErrorMsg();
}
$var_dss = array();
while (!$rs->EOF) {
$var1 = $rs->fields[0];
$var2 = $rs->fields[1];
$var3 = $rs->fields["volume"];
$var_dss[] = array('var1' => $var1, 'var2' => $var2, 'var3' => $var3);
$rs->MoveNext();
}
$htmlPdfReport->pageBreak();
$htmlPdfReport->setBookmark($title);
define('COLOR7', '#00008B');
define('COLOR8', '#800080');
define('COLOR9', '#FFA500');
define('COLOR10', '#A52A2A');
define('COLOR11', '#228B22');
define('COLOR12', '#D3D3D3');
//
require_once 'ossim_db.inc';
$db = new ossim_db();
$conn = $db->connect();
$conn->Execute('use datawarehouse');
/*
$sql="select CONCAT(x1,'.',x2,'.',x3) as title, count(*) as volume from PCI.R02_Vendor_default r, datawarehouse.ssi_user i where
i.sid=r.SIDSS_Ref AND i.user='******' AND i.year=".$year." GROUP BY 1";
*/
tmp_insert($conn, "PCI{$pci_version}.{$table}");
$sql = "select r.req as title, count(*) as volume from datawarehouse.tmp_user r, datawarehouse.ssi_user i where r.user='******' and section='{$table}' AND i.sid=r.sid AND i.user='******' AND " . $sql_year . " GROUP BY 1;";
$rs = $conn->Execute($sql);
if (!$rs) {
print $conn->ErrorMsg();
return;
}
// test perms for source or destination ips
$var = array();
$rows = 0;
while (!$rs->EOF) {
$var1 = $rs->fields["title"];
$var2 = $rs->fields["volume"];
$var[] = array('var1' => $var1, 'var2' => $var2);
$rs->MoveNext();
$rows++;
