Exemple #1
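/**
 * Print the HTML list of vulnerability scan profiles with their edit/delete controls.
 *
 * Administrators see every row of vuln_nessus_settings. Other sessions see the
 * three built-in profiles (Default, Deep, Ultimate) plus the profiles whose owner
 * is '0' or is in the list returned by
 * Vulnerabilities::get_users_and_entities_filter().
 *
 * Built-in profiles are shown with disabled controls. For every other profile the
 * edit and delete controls are only active when Vulnerabilities::can_modify_profile()
 * and Vulnerabilities::can_delete_profile() allow it. These checks only decide what
 * is drawn; the handlers behind settings.php and deleteProfile() are not visible
 * here and must enforce the same permissions themselves.
 *
 * Output is written directly with echo; nothing is returned.
 */
function select_profile()
{
    global $sid, $dbconn;

    $builtin_profiles = array('Default', 'Deep', 'Ultimate');

    // Restrict the listing for non-admin sessions. The owner values are bound as
    // query parameters instead of being concatenated into the SQL text, so a quote
    // inside an owner value cannot change the statement.
    $where  = "";
    $params = array();
    if (!Session::am_i_admin()) {
        list($owners) = Vulnerabilities::get_users_and_entities_filter($dbconn);
        $owners[] = '0'; // owner '0' is rendered below as "All"
        $placeholders = implode(', ', array_fill(0, count($owners), '?'));
        $where  = "WHERE name='Default' OR name='Deep' OR name='Ultimate' OR owner IN(" . $placeholders . ")";
        $params = array_values($owners);
    }

    $query = "SELECT id, name, description, owner, type FROM vuln_nessus_settings {$where} ORDER BY name";
    $dbconn->SetFetchMode(ADODB_FETCH_BOTH);
    $result = empty($params) ? $dbconn->execute($query) : $dbconn->execute($query, $params);

    echo "<CENTER>";
    echo "<table class=\"transparent\"><tr><td class=\"sec_title\">" . _("Vulnerability Scan Profiles") . "</td></tr></table>";
    echo "<p>";
    echo _("Please select a profile to edit") . ":";
    echo "</p>";
    echo "<table class='table_list'>";
    echo "<tr>";
    echo "<th>" . _("Available for") . "</th>";
    echo "<th>" . _("Profile") . "</th>";
    echo "<th>" . _("Description") . "</th>";
    echo "<th>" . _("Action") . "</th>";
    echo "</tr>";

    // A failed query yields a false result; render an empty table instead of
    // dereferencing it.
    while ($result && !$result->EOF) {
        // NOTE(review): this assigns the global $sid on every row, as the original
        // did. Kept in case a caller relies on it - confirm and make it a local.
        $sid = $result->fields[0];
        $sname = $result->fields[1];
        $sdescription = $result->fields[2];
        $sowner = $result->fields[3];

        // Encode the id for each output context. For a purely numeric id the output
        // is byte-identical to the raw value.
        // NOTE(review): ids look numeric (deleteProfile() receives a bare value) - confirm.
        $sid_attr = htmlspecialchars((string) $sid, ENT_QUOTES, 'UTF-8');
        $sid_url  = urlencode((string) $sid);
        $sid_js   = ctype_digit((string) $sid)
            ? (string) $sid
            : htmlspecialchars(json_encode((string) $sid), ENT_QUOTES, 'UTF-8');

        echo "<tr id='profile{$sid_attr}'>";
        if ($sowner == "0") {
            echo "<td>" . _("All") . "</td>";
        } elseif (valid_hex32($sowner)) {
            // NOTE(review): the entity name is echoed without escaping, unlike the
            // other database fields in this row. Confirm Session::get_entity_name()
            // returns HTML-safe text, otherwise escape it here.
            echo "<td style='padding:0px 2px 0px 2px;'>" . Session::get_entity_name($dbconn, $sowner) . "</td>";
        } else {
            echo "<td>" . Util::htmlentities($sowner) . "</td>";
        }
        echo "<td width='200'>" . Util::htmlentities($sname) . "</td>";
        echo "<td width='450'>" . Util::htmlentities($sdescription) . "</td>";
        echo "<td>";
        if (in_array((string) $sname, $builtin_profiles, true)) {
            // $sname is one of the three fixed names here, so it is safe inside the title attribute.
            echo "<img src=\"images/pencil.png\" class=\"tip disabled\" title=\"" . _("{$sname} profile can't be edited, clone it to make changes") . "\" />";
            echo "<img src=\"images/delete.gif\" class=\"tip disabled\" title=\"" . _("{$sname} profile can't be deleted") . "\" />";
        } else {
            // md5() is used only to build a stable element id from name and owner.
            $control_id = md5($sname . $sowner);
            if (Vulnerabilities::can_modify_profile($dbconn, $sname, $sowner)) {
                echo "<a href='settings.php?disp=edit&amp;sid={$sid_url}'><img class='hand' id='edit_" . $control_id . "' src='images/pencil.png' ></a>";
            } else {
                echo "<img class='disabled' src='images/pencil.png'>";
            }
            if (Vulnerabilities::can_delete_profile($dbconn, $sname, $sowner)) {
                echo "<img class='hand' src='images/delete.gif'  id='delete_" . $control_id . "' onclick='deleteProfile({$sid_js})'>";
            } else {
                echo "<img class='disabled' src=\"images/delete.gif\" >";
            }
        }
        echo "</td>";
        echo "</tr>";
        $result->MoveNext();
    }

    echo "</table>";
    echo "<center>";
    echo "<form>";
    echo "<br/>";
    echo "<input type='button' onclick=\"document.location.href='settings.php?disp=new'\" id=\"new_profile\" value=\"" . _("Create New Profile") . "\"/>";
    echo "</form>";
    echo "</p>";
    echo "</center>";
}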