function select_profile() { global $sid, $username, $dbconn, $version, $nessus_path; $args = ""; if (!Session::am_i_admin()) { list($owners, $sqlowners) = Vulnerabilities::get_users_and_entities_filter($dbconn); $owners[] = '0'; $sql_perms .= " OR owner IN('" . implode("', '", $owners) . "')"; $args = "WHERE name='Default' OR name='Deep' OR name='Ultimate' " . $sql_perms; } $layouts = array(); $query = "SELECT id, name, description, owner, type FROM vuln_nessus_settings {$args} ORDER BY name"; $dbconn->SetFetchMode(ADODB_FETCH_BOTH); $result = $dbconn->execute($query); echo "<CENTER>"; echo "<table class=\"transparent\"><tr><td class=\"sec_title\">" . _("Vulnerability Scan Profiles") . "</td></tr></table>"; echo "<p>"; echo _("Please select a profile to edit") . ":"; echo "</p>"; echo "<table class='table_list'>"; echo "<tr>"; echo "<th>" . _("Available for") . "</th>"; echo "<th>" . _("Profile") . "</th>"; echo "<th>" . _("Description") . "</th>"; echo "<th>" . _("Action") . "</th>"; echo "</tr>"; $color = 0; while (!$result->EOF) { $sid = $result->fields[0]; $sname = $result->fields[1]; $sdescription = $result->fields[2]; $sowner = $result->fields[3]; $stype = $result->fields[4]; echo "<tr id='profile{$sid}'>"; if ($sowner == "0") { echo "<td>" . _("All") . "</td>"; } elseif (valid_hex32($sowner)) { echo "<td style='padding:0px 2px 0px 2px;'>" . Session::get_entity_name($dbconn, $sowner) . "</td>"; } else { echo "<td>" . Util::htmlentities($sowner) . "</td>"; } echo "<td width='200'>" . Util::htmlentities($sname) . "</td>"; echo "<td width='450'>" . Util::htmlentities($sdescription) . "</td>"; echo "<td>"; if ($sname == "Default" || $sname == "Deep" || $sname == "Ultimate") { echo "<img src=\"images/pencil.png\" class=\"tip disabled\" title=\"" . _("{$sname} profile can't be edited, clone it to make changes") . "\" />"; echo "<img src=\"images/delete.gif\" class=\"tip disabled\" title=\"" . _("{$sname} profile can't be deleted") . "\" />"; } else { if (Vulnerabilities::can_modify_profile($dbconn, $sname, $sowner)) { echo "<a href='settings.php?disp=edit&sid={$sid}'><img class='hand' id='edit_" . md5($sname . $sowner) . "' src='images/pencil.png' ></a>"; } else { echo "<img class='disabled' src='images/pencil.png'>"; } if (Vulnerabilities::can_delete_profile($dbconn, $sname, $sowner)) { echo "<img class='hand' src='images/delete.gif' id='delete_" . md5($sname . $sowner) . "' onclick='deleteProfile({$sid})'>"; } else { echo "<img class='disabled' src=\"images/delete.gif\" >"; } } echo "</td>"; echo "</tr>"; $result->MoveNext(); $color++; } echo "</table>"; echo "<center>"; echo "<form>"; echo "<br/>"; echo "<input type='button' onclick=\"document.location.href='settings.php?disp=new'\" id=\"new_profile\" value=\"" . _("Create New Profile") . "\"/>"; echo "</form>"; echo "</p>"; echo "</center>"; // end else }