function echoPage($page, $limit) { $dbLink = db_connect_syslog(DBUSER, DBUSERPW); if ($limit <= 10) { echo " <a href='wres.php?page={$page}&limit=" . ($limit + 10) . "' class='load_more'></a\t"; $sqllimit = "0,{$limit}"; } else { $sqllimit = "10,{$limit}"; } echo "<div style=\"width: 310px; margin-bottom: 5px; margin-left: 5px; text-align: center; font-size: 5px;\">"; echo " <table> "; if ($page == "tail") { if ($limit <= 10) { echo "\n\t\t\t \t<td class=\"wapresultsheader\">HOST</td>\n\t\t\t \t<td class=\"wapresultsheader\">TIME</td>\n\t\t\t \t<td class=\"wapresultsheader\">MESSAGE</td>\n\t\t\t \t"; } $query = "SELECT * FROM logs JOIN (select seq from logs FORCE INDEX(PRIMARY) ORDER BY seq DESC LIMIT {$sqllimit}) as sub USING(seq)"; } if ($page == "topx") { if ($limit <= 10) { echo "\n\t\t\t \t<td class=\"wapresultsheader\">HOST</td>\n\t\t\t \t<td class=\"wapresultsheader\">COUNT</td>\n\t\t\t \t<td class=\"wapresultsheader\">MESSAGE</td>\n\t\t\t \t"; } if (defined('SQZ_ENABLED') && SQZ_ENABLED == TRUE) { $query = "SELECT host,counter as count,msg from logs WHERE counter>1 ORDER BY counter DESC LIMIT {$sqllimit}"; } else { $query = "SELECT host,count(*) as count,msg from logs GROUP BY host ORDER BY count DESC LIMIT {$sqllimit}"; } } $results = perform_query($query, $dbLink); $color = "waplighter"; $today = date('Y-m-d'); while ($row = fetch_array($results)) { if ($color == "wapdarker") { $color = "waplighter"; } else { $color = "wapdarker"; } echo "<tr class=\"{$color}\">"; echo "<td>" . $row['host'] . "</td>"; if ($page == "tail") { $pieces = explode(" ", $row['datetime']); echo '<td>'; if ($pieces[0] != $today) { echo $pieces[0] . " "; } echo $pieces[1]; } if ($page == "topx") { echo '<td>'; echo $row['count'] . " "; } echo "</td>\n"; $row['msg'] = preg_replace('/\\s:/', ':', $row['msg']); $row['msg'] = preg_replace('/.*(%.*?:.*)/', '$1', $row['msg']); $msg = htmlspecialchars($row['msg']); echo "<td>"; echo "{$msg}</td>\n"; echo "</tr>\n"; } echo "</div>\n"; }
/* * * Developed by Clayton Dukes <*****@*****.**> * Copyright (c) 2010 LogZilla, LLC * All rights reserved. * Last updated on 2010-06-15 * * Changelog: * 2010-03-05 - created * */ session_start(); $basePath = dirname( __FILE__ ); require_once ($basePath . "/../common_funcs.php"); $dbLink = db_connect_syslog(DBADMIN, DBADMINPW); if ((has_portlet_access($_SESSION['username'], 'Change Password') == TRUE) || ($_SESSION['AUTHTYPE'] == "none")) { ?> <table border="0" width="100%"> <thead> <tr> <th></th> <th></th> <th></th> <tr> </thead> <tbody> <tr> <td colspan="2">
function login($forms) { $error = ""; $username = $forms["username"]; $password = $forms["password"]; if (!$password) { $password = "******"; } // die("$password"); if ($forms["authtype"] == "ldap") { //define an appropriate ldap search filter to find your users, and filter out accounts such as administrator(administrator should be renamed anyway!). $filter = "(&(|(!(displayname=Administrator*))(!(displayname=Admin*)))(" . LDAP_CN . "={$username}))"; $dn = LDAP_CN . "={$username}, "; if (!($connect = @ldap_connect(LDAP_SRV))) { $error .= "Could not connect to LDAP server:" . LDAP_SRV; } switch (LDAP_MSAD) { case "YES": ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3); ldap_set_option($connect, LDAP_OPT_REFERRALS, 0); if (!($bind = @ldap_bind($connect, "{$username}@" . LDAP_DOMAIN, $password))) { $error .= " Unable to bind to LDAP Server: <b>" . LDAP_SRV . "</b><br> <li>DN: {$dn}<br> <li>BaseDN: " . LDAP_BASE_DN . "<br>"; } break; default: if (!($bind = @ldap_bind($connect, "{$dn}" . LDAP_BASE_DN, $password))) { $error .= " Unable to bind to LDAP Server: <b>" . LDAP_SRV . "</b><br> <li>DN: {$dn}<br> <li>BaseDN: " . LDAP_BASE_DN . "<br>"; } } if (!($sr = @ldap_search($connect, LDAP_BASE_DN, $filter))) { #search for user $error .= " Unable to search: <b>" . LDAP_SRV . "</b><br> <li>DN: {$dn}<br> <li>BaseDN: " . LDAP_BASE_DN . "<br>"; } $info = @ldap_get_entries($connect, $sr); // print "Number of entries returned is " .ldap_count_entries($connect, $sr)."<p>"; if (LDAP_USEPRIV == "ON") { if (in_array(LDAP_RW_GROUP, $info[0]["groupmembership"])) { $_SESSION["userpriv"] = "rw"; } elseif (in_array(LDAP_RO_GROUP, $info[0]["groupmembership"])) { $_SESSION["userpriv"] = "ro"; } else { $_SESSION["userpriv"] = "disabled"; // echo "User privileges are " . $_SESSION["userpriv"] . "<br>"; } } if (trim($error) != "") { return $error; } else { $fullname = $info[0]["cn"][0]; $fqdn = $info[0]["dn"]; $_SESSION["username"] = $username; $_SESSION["groups"] = $info[0]["groupmembership"]; $_SESSION["token"] = $password; $_SESSION["fullname"] = $fullname; $_SESSION["fqdn"] = $fqdn; $flname = explode(" ", $fullname); $_SESSION["firstname"] = $flname[0]; $_SESSION["lastname"] = $flname[1]; $_SESSION["pageId"] = "searchform"; // die(phpinfo()); // die(print_r($info[0])); // die(print_r($_SESSION)); } /* from here, do your sql query to query the database to search for existing record with correct username and password */ } elseif ($forms["authtype"] == "basic") { // Using Web basic authentication. Check to see if $_SERVER['REMOTE_USER'] has access, and act accordingly. $username = $_SERVER['REMOTE_USER']; if ($username == "") { $username = "******"; } $dbLink = db_connect_syslog(DBUSER, DBUSERPW); if ($username && verify_user($username, $dbLink)) { $sessionId = md5(mt_rand()); $_SESSION["pageId"] = "searchform"; $expTime = time() + SESSION_EXP_TIME; $expTimeDB = date('Y-m-d H:i:s', $expTime); // Update sessionId and exptime in database $query = "UPDATE " . AUTHTABLENAME . " SET sessionid='" . $sessionId . "', \n\t\t\t\texptime='" . $expTimeDB . "' WHERE username='******'"; $result = perform_query($query, $dbLink); } else { $error .= " Sorry, {$username} does not have access to this service."; $_SESSION["error"] = "{$error}"; } } elseif ($forms["authtype"] == "cert") { // Using Cert basic authentication.Check certificate SerialNumber first, Subject DN if SerialNumber fails $dbLink = db_connect_syslog(DBUSER, DBUSERPW); if (verify_user($_SERVER['SSL_CLIENT_M_SERIAL'], $dbLink) || verify_user($_SERVER['SSL_CLIENT_S_DN'], $dbLink)) { $sessionId = md5(mt_rand()); $_SESSION["pageId"] = "searchform"; $expTime = time() + SESSION_EXP_TIME; $expTimeDB = date('Y-m-d H:i:s', $expTime); // Update sessionId and exptime in database $query = "UPDATE " . AUTHTABLENAME . " SET sessionid='" . $sessionId . "', \n exptime='" . $expTimeDB . "' WHERE username='******'"; $result = perform_query($query, $dbLink); } else { $error .= " Sorry, {$username} does not have access to this service."; $_SESSION["error"] = "{$error}"; } } else { // Not using LDAP or WebBasic, revert to local db authentication if ($_POST["username"]) { $username = $_POST["username"]; $password = $_POST["password"]; // die("Info: $username, $password"); $dbLink = db_connect_syslog(DBUSER, DBUSERPW); if ($username && $password && verify_login($username, $password, $dbLink)) { $sessionId = md5(mt_rand()); $_SESSION["pageId"] = "searchform"; // Calculate the expiration time $expTime = time() + SESSION_EXP_TIME; $expTimeDB = date('Y-m-d H:i:s', $expTime); // Update sessionId and exptime in database $query = "UPDATE " . AUTHTABLENAME . " SET sessionid='" . $sessionId . "', \n\t\t\t\t\texptime='" . $expTimeDB . "' WHERE username='******'"; $result = perform_query($query, $dbLink); } else { $error .= " Invalid password for user {$username}"; $_SESSION["error"] = "{$error}"; } } else { $error .= " Missing POST variables"; $_SESSION["error"] = "{$error}"; } } if (trim($error) != "") { return $error; } else { $_SESSION["username"] = $username; return $username; } }
#!/usr/bin/php <?php // Copyright (C) 2005 Claus Lund, clauslund@gmail.com echo "\nStarting to reload cache\n"; echo date("Y-m-d H:i:s") . "\n\n"; require_once "/www/php-syslog-ng/html/includes/common_funcs.php"; require_once "/www/php-syslog-ng/html/config/config.php"; $dbLink = db_connect_syslog(DBUSER, DBUSERPW); // If merge table exists and is not empty // then load the cache with data from that table /* BEGIN REMOVE cdukes 2-27-08: Removed this check for MERGELOGTABLE I don't see why we're reloading cache from the MERGETABLE??? Wouldn't that just make a cache of the all_logs data from midnight of each day and not current data? if(table_exists(MERGELOGTABLE, $dbLink) == TRUE ) { $mergelog = TRUE; $sql = "SELECT * FROM ".MERGELOGTABLE." LIMIT 1"; $result = perform_query($sql, $dbLink); if(num_rows($result)) { echo "Loading the cache with data from the merge table\n"; reload_cache(MERGELOGTABLE, $dbLink); } } else { // Else load the cache with data from each log table */ $tableArray = get_logtables($dbLink); foreach ($tableArray as $table) { if ($table == MERGELOGTABLE) { continue; }
//======================================================================== // BEGIN: HANDLE SET DEFAULT ACCESS REQUEST //======================================================================== if (strcasecmp($configTask, "updateDefaultACL") == 0) { $setDefaultAccess = TRUE; // Make sure access controls are enabled if (!defined('USE_ACL') || !USE_ACL) { echo "Access control is not enabled."; $setDefaultAccess = FALSE; } // If conditions are OK then update the default access if ($setDefaultAccess && grant_access($username, 'edit_acl', $dbLink)) { $actionInputs = array(); $sql = "SELECT * FROM " . ACTION_TABLE; $result = perform_query($sql, $dbLink); $admLink = db_connect_syslog(DBADMIN, DBADMINPW, 'C'); while ($row = fetch_array($result)) { $actionname = $row['actionname']; $inputVal = get_input($actionname . '_acl'); if ($inputVal == 1) { $inputVal = 'TRUE'; } else { $inputVal = 'FALSE'; } $sql = "UPDATE " . ACTION_TABLE . " SET defaultaccess='" . $inputVal . "'\n\t\t\t\tWHERE actionname='" . $actionname . "'"; perform_query($sql, $admLink); } mysql_close($admLink); echo "The default access settings have been updated."; } }
function mne2crc($mne) { $dbLink = db_connect_syslog(DBADMIN, DBADMINPW); $sql = "SELECT crc FROM mne WHERE name='{$mne}'"; $result = perform_query($sql, $dbLink, "common_funcs.php"); $row = fetch_array($result); return $row['crc']; }
function auth ($postvars) { //Start security update v0.1 global $appConfig; if($appConfig['ban_ip'] == "on" && $appConfig['max_login_tries']<=$_SESSION['num_login_tries']) { //insert ip into banned table $expdate = time()+$appConfig['ban_time']*60; mysql_query("INSERT INTO banned_ips(bannedIp,expirationDate) VALUES('{$_SERVER['REMOTE_ADDR']}','".date("Y-m-d h:m:s",$expdate)."')"); } if($appConfig['captcha']=='on' && $appConfig['num_login_tries']<=$_SESSION['num_login_tries']) { require_once('includes/modules/recaptchalib.php'); $resp = recaptcha_check_answer ($appConfig['captcha_private_key'], $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); if (!$resp->is_valid) { return $_SESSION["error"] = "The CAPTCHA wasn't entered correctly. Go back and try it again." . "(CAPTCHA said: " . $resp->error . ")"; } } //End security update v0.1 $error = ""; $username = stripslashes($postvars["username"]); $password = stripslashes($postvars["password"]); if (validate_input($username, 'username') && (validate_input($password, 'password'))) { switch ($postvars['authtype']) { case "local": if ($username && $username !== "local_noauth") { $dbLink = db_connect_syslog(DBADMIN, DBADMINPW); if ($username && $password && verify_login($username, $password, $dbLink)) { $error =""; } else { $error .= " Invalid password for user $username"; } } else { if (trim($username) == "") $error .= "Your username is empty.<br>"; if (trim($password) == "") $error .= "Your password is empty."; } if (trim($error)!="") { //Start security update v0.1 $_SESSION['num_login_tries']+=1; //End security update v0.1 return $_SESSION["error"] = $error; } else { $sql = "SELECT rbac_key FROM ".$_SESSION["TBL_AUTH"]." WHERE username='******'"; $result = perform_query($sql, $dbLink, $_SERVER['PHP_SELF']); $row = fetch_array($result); $_SESSION["rbac"] = $row[0]; return $_SESSION["username"] = $username; } break; case "ldap": $dbLink = db_connect_syslog(DBADMIN, DBADMINPW); $sql = "SELECT name,value FROM settings WHERE name like 'LDAP%'"; $result = perform_query($sql, $dbLink, "authentication.php - LDAP Auth"); while($row = fetch_array($result)) { if ($row['name'] == 'LDAP_BASE_DN') { $basedn = $row['value']; } if ($row['name'] == 'LDAP_CN') { $cn = $row['value']; } if ($row['name'] == 'LDAP_DOMAIN') { $domain = $row['value']; } if ($row['name'] == 'LDAP_MS') { $ms = $row['value']; } if ($row['name'] == 'LDAP_PRIV') { $priv = $row['value']; } if ($row['name'] == 'LDAP_RO_FILTERS') { $ro_filter = $row['value']; } if ($row['name'] == 'LDAP_RO_GRP') { $ro_grp = $row['value']; } if ($row['name'] == 'LDAP_RW_GRP') { $rw_grp = $row['value']; } if ($row['name'] == 'LDAP_SRV') { $srv = $row['value']; } if ($row['name'] == 'LDAP_DNU_GRP') { $nuser_grp = $row['value']; } if ($row['name'] == 'LDAP_USERS_RO' ){ $list_of_ldapusers_ro = $row['value']; } if ($row['name'] == 'LDAP_USERS_RW' ){ $list_of_ldapusers_rw = $row['value']; } } //define an appropriate ldap search filter to find your users, and filter out accounts such as administrator(administrator should be renamed anyway!). $filter="(&(|(!(displayname=Administrator*))(!(displayname=Admin*)))(" .$cn. "=$username))"; $dn = $cn . "=$username, "; if (!($connect = @ldap_connect($srv))) { $error .= "Could not connect to LDAP server:" . $srv; } switch ($ms) { case "1": ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION,3); ldap_set_option($connect, LDAP_OPT_REFERRALS,0); if (!($bind = @ldap_bind($connect, "$username@" . $domain, $password))) { $error .= " Unable to bind to LDAP Server: <b>" . $srv . "</b><br> <li>DN: $dn<br> <li>BaseDN: " . $basedn . "<br>"; } break; default: if (!($bind = @ldap_bind($connect, "$dn" . $basedn, $password))) { $error .= " Unable to bind to LDAP Server: <b>" . $srv . "</b><br> <li>DN: $dn<br> <li>BaseDN: " . $basedn . "<br>"; } } if (!($sr = @ldap_search($connect, $basedn, $filter))) { #search for user $error .= " Unable to search: <b>" . $srv . "</b><br> <li>DN: $dn<br> <li>BaseDN: " . $basedn . "<br>"; } $info = @ldap_get_entries($connect, $sr); // print "Number of entries returned is " .ldap_count_entries($connect, $sr)."<p>"; if ($priv == "1") { if (in_array($rw_grp, $info[0]["groupmembership"])) { $_SESSION["userpriv"] = "rw"; } elseif (in_array($ro_grp, $info[0]["groupmembership"])) { $_SESSION["userpriv"] = "ro"; } else { $_SESSION["userpriv"] = "disabled"; } if ( strlen($list_of_ldapusers_ro) > 0 ){ $tmp_miami = explode(',', $list_of_ldapusers_ro); if ( in_array ($username, $tmp_miami ) ){ $_SESSION['userpriv'] = 'ro'; } } if ( strlen($list_of_ldapusers_rw) > 0 ){ $tmp_miami = explode(',', $list_of_ldapusers_rw); if ( in_array ($username, $tmp_miami ) ){ $_SESSION['userpriv'] = 'rw'; } } if ( $_SESSION['userpriv'] == 'disabled' ){ $error.='User not authorized'; } } if ( trim($error) != "" ) { //Start security update v0.1 $_SESSION['num_login_tries']+=1; //End security update v0.1 return $_SESSION["error"] = $error; } else { $fullname=$info[0]["cn"][0]; $fqdn=$info[0]["dn"]; $_SESSION["username"] = $username; $_SESSION["groups"] = $info[0]["groupmembership"]; $_SESSION["token"] = $password; $_SESSION["fullname"] = $fullname; $_SESSION["fqdn"] = $fqdn; $flname = explode(" ", $fullname); $_SESSION["firstname"] = $flname[0]; $_SESSION["lastname"] = $flname[1]; $_SESSION["pageId"] = "searchform" ; // die(phpinfo()); // die(print_r($info[0])); // die(print_r($_SESSION)); // Create user locally // Add user (if they don't exist) $sql = "SELECT username from users where username='******'"; $result = perform_query($sql, $dbLink, "authentication.php - LDAP"); $row = fetch_array($result); if ($row['username'] !== "$username") { $sql = "INSERT IGNORE INTO ".$_SESSION['TBL_AUTH']." (username,pwhash) VALUES ('$username',MD5('$password'))"; $result = perform_query($sql, $dbLink, "authentication.php - LDAP"); if(mysql_affected_rows() !== 1) { $error .= "Unable to add $username to local system"; } else { $sql = "REPLACE INTO groups (userid, groupname) SELECT (SELECT id FROM users WHERE username='******'),'$nuser_grp'"; perform_query($sql, $dbLink, "authentication.php - LDAP"); $sql = "REPLACE INTO ui_layout (userid, pagename, col, rowindex, header, content, group_access) SELECT (SELECT id FROM users WHERE username='******'),pagename,col,rowindex,header,content, group_access FROM ui_layout WHERE userid=0"; perform_query($sql, $dbLink, "authentication.php - LDAP"); } } } /* from here, do your sql query to query the database to search for existing record with correct username and password */ if (trim($error)!="") { //Start security update v0.1 $_SESSION['num_login_tries']+=1; //End security update v0.1 return $_SESSION["error"] = $error; } else { $sessionId = session_id(); $expTime = time()+$_SESSION["SESS_EXP"]; $expTimeDB = date('Y-m-d H:i:s', $expTime); $query = "UPDATE ".$_SESSION["TBL_AUTH"]." SET sessionid='".$sessionId."', exptime='".$expTimeDB."' WHERE username='******'"; $result = perform_query($query, $dbLink, $_SERVER['PHP_SELF']); $sql = "SELECT rbac_key FROM ".$_SESSION["TBL_AUTH"]." WHERE username='******'"; $result = perform_query($sql, $dbLink, $_SERVER['PHP_SELF']); $row = fetch_array($result); $_SESSION["rbac"] = $row[0]; return $_SESSION["username"] = $username; } break; case "webbasic": $error .= "Web Basic not implemented yet"; if (trim($error)!="") { //Start security update v0.1 $_SESSION['num_login_tries']+=1; //End security update v0.1 return $_SESSION["error"] = $error; } else { return $_SESSION["username"] = $username; } break; case "msad": $error .= "Microsoft Authentication not implemented yet"; if (trim($error)!="") { //Start security update v0.1 $_SESSION['num_login_tries']+=1; //End security update v0.1 return $_SESSION["error"] = $error; } else { return $_SESSION["username"] = $username; } break; case "cert": $error .= "SSL Certificate Authentication not implemented yet"; if (trim($error)!="") { //Start security update v0.1 $_SESSION['num_login_tries']+=1; //End security update v0.1 return $_SESSION["error"] = $error; } else { return $_SESSION["username"] = $username; } break; case "tacacs": $error .= "Tacacs Authentication not implemented yet"; if (trim($error)!="") { //Start security update v0.1 $_SESSION['num_login_tries']+=1; //End security update v0.1 return $_SESSION["error"] = $error; } else { return $_SESSION["username"] = $username; } break; case "radius": $error .= "Radius Authentication not implemented yet"; if (trim($error)!="") { //Start security update v0.1 $_SESSION['num_login_tries']+=1; //End security update v0.1 return $_SESSION["error"] = $error; } else { return $_SESSION["username"] = $username; } break; } } else { //Start security update v0.1 $_SESSION['num_login_tries']+=1; //End security update v0.1 return $_SESSION["error"] = "Invalid Username or Password"; } }