Esempio n. 1
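/**
 * Render one page of the WAP results table straight to the output buffer.
 *
 * Two views are supported: "tail" (newest log rows) and "topx" (hosts/messages
 * ordered by count). For $limit <= 10 a "load more" link and the column header
 * cells are emitted as well.
 *
 * Security notes:
 *  - $limit ends up inside the SQL LIMIT clause, so it is forced to a
 *    non-negative integer before use.
 *  - Every value taken from a log row (host, datetime, count, msg) is
 *    HTML-escaped: syslog content is written by remote senders and must be
 *    treated as untrusted when rendered in a browser.
 *
 * @param string $page  "tail" or "topx"; any other value renders nothing.
 * @param mixed  $limit Row count requested by the caller.
 * @return void
 */
function echoPage($page, $limit)
{
    // Only the two known views build a query. Previously an unknown $page
    // reached perform_query() with $query undefined.
    if ($page !== "tail" && $page !== "topx") {
        return;
    }
    // Integer-only from here on, because the value is interpolated into SQL.
    $limit = max(0, (int) $limit);
    $firstPage = $limit <= 10;

    $dbLink = db_connect_syslog(DBUSER, DBUSERPW);
    if ($firstPage) {
        // Build the URL first, then escape it once for the attribute context.
        $moreUrl = "wres.php?page=" . urlencode($page) . "&limit=" . ($limit + 10);
        echo " <a href='" . htmlspecialchars($moreUrl, ENT_QUOTES) . "' class='load_more'></a>\t";
        $sqllimit = "0,{$limit}";
    } else {
        $sqllimit = "10,{$limit}";
    }
    echo "<div style=\"width: 310px; margin-bottom: 5px; margin-left: 5px; text-align: center; font-size: 5px;\">";
    echo " <table> ";
    if ($page === "tail") {
        if ($firstPage) {
            echo "\n\t\t\t   \t<td class=\"wapresultsheader\">HOST</td>\n\t\t\t   \t<td class=\"wapresultsheader\">TIME</td>\n\t\t\t   \t<td class=\"wapresultsheader\">MESSAGE</td>\n\t\t\t   \t";
        }
        $query = "SELECT * FROM logs JOIN (select seq from logs FORCE INDEX(PRIMARY) ORDER BY seq DESC LIMIT {$sqllimit}) as sub USING(seq)";
    } else {
        if ($firstPage) {
            echo "\n\t\t\t   \t<td class=\"wapresultsheader\">HOST</td>\n\t\t\t   \t<td class=\"wapresultsheader\">COUNT</td>\n\t\t\t   \t<td class=\"wapresultsheader\">MESSAGE</td>\n\t\t\t   \t";
        }
        if (defined('SQZ_ENABLED') && SQZ_ENABLED == TRUE) {
            $query = "SELECT host,counter as count,msg from logs WHERE counter>1 ORDER BY counter DESC LIMIT {$sqllimit}";
        } else {
            $query = "SELECT host,count(*) as count,msg from logs GROUP BY host ORDER BY count DESC LIMIT {$sqllimit}";
        }
    }
    $results = perform_query($query, $dbLink);
    $color = "waplighter";
    $today = date('Y-m-d');
    while ($row = fetch_array($results)) {
        // Alternate the row class for zebra striping.
        $color = ($color == "wapdarker") ? "waplighter" : "wapdarker";
        echo "<tr class=\"{$color}\">";
        echo "<td>" . htmlspecialchars($row['host'], ENT_QUOTES) . "</td>";
        echo '<td>';
        if ($page === "tail") {
            // datetime is expected as "<date> <time>"; the date is shown only
            // when it is not today.
            $pieces = explode(" ", $row['datetime']);
            $datePart = $pieces[0];
            $timePart = isset($pieces[1]) ? $pieces[1] : '';
            if ($datePart != $today) {
                echo htmlspecialchars($datePart, ENT_QUOTES) . "&nbsp;";
            }
            echo htmlspecialchars($timePart, ENT_QUOTES);
        } else {
            echo htmlspecialchars($row['count'], ENT_QUOTES) . "&nbsp;";
        }
        echo "</td>\n";
        // Tidy the message: drop whitespace before ':' and keep the text from
        // the last '%' that is later followed by a ':' when one is present.
        $row['msg'] = preg_replace('/\\s:/', ':', $row['msg']);
        $row['msg'] = preg_replace('/.*(%.*?:.*)/', '$1', $row['msg']);
        $msg = htmlspecialchars($row['msg']);
        echo "<td>";
        echo "{$msg}</td>\n";
        echo "</tr>\n";
    }
    // The table was opened above but never closed in the original markup.
    echo "</table>";
    echo "</div>\n";
}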
/*
 *
 * Developed by Clayton Dukes <*****@*****.**>
 * Copyright (c) 2010 LogZilla, LLC
 * All rights reserved.
 * Last updated on 2010-06-15
 *
 * Changelog:
 * 2010-03-05 - created
 *
 */

// Start (or resume) the session; $_SESSION is read by the access check below.
session_start();
$basePath = dirname( __FILE__ );
// common_funcs.php is located relative to this file's directory, not the working directory.
require_once ($basePath . "/../common_funcs.php");
// NOTE(review): the connection is opened with the DBADMIN credentials before the
// access check below has run — confirm this page needs admin rights at this point.
$dbLink = db_connect_syslog(DBADMIN, DBADMINPW);

// The markup that follows is emitted only when has_portlet_access() reports access to
// 'Change Password' for the session user, or when the session's AUTHTYPE is "none".
// NOTE(review): both comparisons are loose (==), and $_SESSION['username'] /
// $_SESSION['AUTHTYPE'] are read without an isset() check; presumably an earlier login
// step sets them — verify how an unauthenticated session behaves here.
if ((has_portlet_access($_SESSION['username'], 'Change Password') == TRUE) || ($_SESSION['AUTHTYPE'] == "none")) { 
?>
<table border="0" width="100%">
<thead>
  <tr>
    <th></th>
    <th></th>
    <th></th>
  <tr>
</thead>

<tbody>
    <tr>
        <td colspan="2">
Esempio n. 3
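/**
 * Authenticate a login form submission and populate the session.
 *
 * $forms["authtype"] selects the backend: "ldap", "basic" (REMOTE_USER set by
 * the web server), "cert" (TLS client certificate); any other value falls back
 * to the local database using the POSTed credentials.
 *
 * Changes relative to the previous version:
 *  - The username is escaped before it is placed in the LDAP search filter and
 *    in the bind DN, so filter/DN metacharacters in the form field cannot alter
 *    the query.
 *  - The LDAP path stops at the first failure (connect, bind, search, missing
 *    entry). Before, a failed bind still ran the search and wrote
 *    $_SESSION["userpriv"], and a bind that succeeded for a user the filter
 *    excluded was accepted with an empty directory entry.
 *  - The per-login identifier stored in the auth table comes from a CSPRNG when
 *    one is available, instead of md5(mt_rand()).
 *  - User-supplied names are HTML-escaped inside returned error messages, since
 *    those messages already carry markup and are therefore likely echoed as-is.
 *
 * Open review points (left unchanged on purpose):
 *  - $_SESSION["token"] keeps the clear-text password for the session lifetime.
 *  - In the "cert" branch the session username is still the form-supplied value,
 *    not the certificate identifier that verify_user() accepted.
 *  - The filter's "(|(!(displayname=Administrator*))(!(displayname=Admin*)))"
 *    is an OR of two negations, which only excludes names starting with
 *    "Administrator"; an AND was probably intended.
 *  - The "WHERE username='******'" literals and the "******" placeholders are
 *    shown masked in this listing and are reproduced verbatim; when the real
 *    value is restored it must be bound or escaped, never interpolated raw.
 *
 * @param array $forms Form fields "username", "password" and "authtype".
 * @return string The username on success, otherwise a non-empty error message.
 */
function login($forms)
{
    $error = "";
    $username = $forms["username"];
    $password = $forms["password"];
    // An empty password must never reach ldap_bind(): many directories treat it
    // as an anonymous bind and report success.
    if (!$password) {
        $password = "******";
    }
    if ($forms["authtype"] == "ldap") {
        // Escape the user-controlled name separately for the two LDAP contexts.
        if (function_exists('ldap_escape')) {
            $filterUser = ldap_escape($username, '', LDAP_ESCAPE_FILTER);
            $dnUser = ldap_escape($username, '', LDAP_ESCAPE_DN);
        } else {
            // Fallback for PHP builds without ldap_escape(): RFC 4515 for the
            // filter value, RFC 4514 backslash pairs for the DN value.
            $filterUser = str_replace(
                array('\\', '*', '(', ')', "\0"),
                array('\\5c', '\\2a', '\\28', '\\29', '\\00'),
                $username
            );
            $dnUser = addcslashes(str_replace("\0", '', $username), "\\,+\"<>;=# ");
        }
        $filter = "(&(|(!(displayname=Administrator*))(!(displayname=Admin*)))(" . LDAP_CN . "={$filterUser}))";
        $dn = LDAP_CN . "={$dnUser}, ";
        $dnHtml = htmlspecialchars($dn, ENT_QUOTES);

        if (!($connect = @ldap_connect(LDAP_SRV))) {
            return "Could not connect to LDAP server:" . LDAP_SRV;
        }
        switch (LDAP_MSAD) {
            case "YES":
                ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
                ldap_set_option($connect, LDAP_OPT_REFERRALS, 0);
                // Active Directory accepts a user@domain principal for the bind.
                $bind = @ldap_bind($connect, "{$username}@" . LDAP_DOMAIN, $password);
                break;
            default:
                $bind = @ldap_bind($connect, "{$dn}" . LDAP_BASE_DN, $password);
        }
        if (!$bind) {
            // Authentication failed: return before any session state is written.
            return " Unable to bind to LDAP Server: <b>" . LDAP_SRV . "</b><br> <li>DN: {$dnHtml}<br> <li>BaseDN: " . LDAP_BASE_DN . "<br>";
        }
        if (!($sr = @ldap_search($connect, LDAP_BASE_DN, $filter))) {
            return " Unable to search: <b>" . LDAP_SRV . "</b><br> <li>DN: {$dnHtml}<br> <li>BaseDN: " . LDAP_BASE_DN . "<br>";
        }
        $info = @ldap_get_entries($connect, $sr);
        if (!is_array($info) || !isset($info[0])) {
            // The bind worked but the filter returned nothing for this user.
            return " No directory entry found for this user.<br>";
        }
        $entry = $info[0];
        $groups = isset($entry["groupmembership"]) ? $entry["groupmembership"] : array();

        if (LDAP_USEPRIV == "ON") {
            if (in_array(LDAP_RW_GROUP, $groups)) {
                $_SESSION["userpriv"] = "rw";
            } elseif (in_array(LDAP_RO_GROUP, $groups)) {
                $_SESSION["userpriv"] = "ro";
            } else {
                $_SESSION["userpriv"] = "disabled";
            }
        }

        $fullname = isset($entry["cn"][0]) ? $entry["cn"][0] : "";
        $fqdn = isset($entry["dn"]) ? $entry["dn"] : "";
        $_SESSION["username"] = $username;
        $_SESSION["groups"] = $groups;
        // NOTE(review): clear-text password kept in the session; confirm whether
        // any caller still needs it.
        $_SESSION["token"] = $password;
        $_SESSION["fullname"] = $fullname;
        $_SESSION["fqdn"] = $fqdn;
        $flname = explode(" ", $fullname);
        $_SESSION["firstname"] = $flname[0];
        $_SESSION["lastname"] = isset($flname[1]) ? $flname[1] : "";
        $_SESSION["pageId"] = "searchform";
    } elseif ($forms["authtype"] == "basic") {
        // Web-server basic authentication: trust REMOTE_USER, then check that the
        // name is allowed to use this service.
        $username = isset($_SERVER['REMOTE_USER']) ? $_SERVER['REMOTE_USER'] : "";
        if ($username == "") {
            $username = "******";
        }
        $dbLink = db_connect_syslog(DBUSER, DBUSERPW);
        if ($username && verify_user($username, $dbLink)) {
            $sessionId = login_new_session_id();
            $_SESSION["pageId"] = "searchform";
            $expTime = time() + SESSION_EXP_TIME;
            $expTimeDB = date('Y-m-d H:i:s', $expTime);
            // Update sessionId and exptime in database
            $query = "UPDATE " . AUTHTABLENAME . " SET sessionid='" . $sessionId . "', \n\t\t\t\texptime='" . $expTimeDB . "' WHERE username='******'";
            $result = perform_query($query, $dbLink);
        } else {
            $error .= " Sorry, " . htmlspecialchars($username, ENT_QUOTES) . " does not have access to this service.";
            $_SESSION["error"] = "{$error}";
        }
    } elseif ($forms["authtype"] == "cert") {
        // Client-certificate authentication: try the serial number first, then
        // the subject DN. Empty values are never passed to verify_user().
        $certSerial = isset($_SERVER['SSL_CLIENT_M_SERIAL']) ? $_SERVER['SSL_CLIENT_M_SERIAL'] : "";
        $certSubject = isset($_SERVER['SSL_CLIENT_S_DN']) ? $_SERVER['SSL_CLIENT_S_DN'] : "";
        $dbLink = db_connect_syslog(DBUSER, DBUSERPW);
        if (($certSerial !== "" && verify_user($certSerial, $dbLink))
            || ($certSubject !== "" && verify_user($certSubject, $dbLink))) {
            // NOTE(review): $username below is still the form field, so the
            // session identity is not tied to the certificate — confirm intent.
            $sessionId = login_new_session_id();
            $_SESSION["pageId"] = "searchform";
            $expTime = time() + SESSION_EXP_TIME;
            $expTimeDB = date('Y-m-d H:i:s', $expTime);
            // Update sessionId and exptime in database
            $query = "UPDATE " . AUTHTABLENAME . " SET sessionid='" . $sessionId . "', \n             exptime='" . $expTimeDB . "' WHERE username='******'";
            $result = perform_query($query, $dbLink);
        } else {
            $error .= " Sorry, " . htmlspecialchars($username, ENT_QUOTES) . " does not have access to this service.";
            $_SESSION["error"] = "{$error}";
        }
    } else {
        // Not using LDAP, basic or cert: local database authentication.
        if (!empty($_POST["username"])) {
            $username = $_POST["username"];
            $password = isset($_POST["password"]) ? $_POST["password"] : "";
            $dbLink = db_connect_syslog(DBUSER, DBUSERPW);
            if ($username && $password && verify_login($username, $password, $dbLink)) {
                $sessionId = login_new_session_id();
                $_SESSION["pageId"] = "searchform";
                // Calculate the expiration time
                $expTime = time() + SESSION_EXP_TIME;
                $expTimeDB = date('Y-m-d H:i:s', $expTime);
                // Update sessionId and exptime in database
                $query = "UPDATE " . AUTHTABLENAME . " SET sessionid='" . $sessionId . "', \n\t\t\t\t\texptime='" . $expTimeDB . "' WHERE username='******'";
                $result = perform_query($query, $dbLink);
            } else {
                $error .= " Invalid password for user " . htmlspecialchars($username, ENT_QUOTES);
                $_SESSION["error"] = "{$error}";
            }
        } else {
            $error .= " Missing POST variables";
            $_SESSION["error"] = "{$error}";
        }
    }
    if (trim($error) != "") {
        return $error;
    }
    $_SESSION["username"] = $username;
    return $username;
}

/**
 * Produce the 32-hex-character identifier stored in the auth table at login.
 *
 * Uses random_bytes() when the runtime provides it; older runtimes keep the
 * previous md5(mt_rand()) value, which is guessable and should be replaced
 * once the minimum PHP version allows it.
 *
 * @return string
 */
function login_new_session_id()
{
    if (function_exists('random_bytes')) {
        return bin2hex(random_bytes(16));
    }
    return md5(mt_rand());
}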
Esempio n. 4
#!/usr/bin/php
<?php 
// Copyright (C) 2005 Claus Lund, clauslund@gmail.com
// Print a start banner and a timestamp so each run can be located in the job output.
echo "\nStarting to reload cache\n";
echo date("Y-m-d H:i:s") . "\n\n";
// Both includes use absolute paths, so the script only works with the application
// installed under /www/php-syslog-ng.
require_once "/www/php-syslog-ng/html/includes/common_funcs.php";
require_once "/www/php-syslog-ng/html/config/config.php";
// Open the database connection used for the rest of the run.
// NOTE(review): DBUSER / DBUSERPW are not defined in this listing; presumably they
// come from config.php — confirm, and keep that file unreadable to other local users.
$dbLink = db_connect_syslog(DBUSER, DBUSERPW);
// If merge table exists and is not empty
// then load the cache with data from that table
/* BEGIN REMOVE cdukes 2-27-08: Removed this check for MERGELOGTABLE
   I don't see why we're reloading cache from the MERGETABLE???
   Wouldn't that just make a cache of the all_logs data from midnight of each day and
   not current data?

if(table_exists(MERGELOGTABLE, $dbLink) == TRUE ) {
	$mergelog = TRUE;
	$sql = "SELECT * FROM ".MERGELOGTABLE." LIMIT 1";
	$result = perform_query($sql, $dbLink);
	if(num_rows($result)) {
	echo "Loading the cache with data from the merge table\n";
	reload_cache(MERGELOGTABLE, $dbLink);
	}
} else {
// Else load the cache with data from each log table
*/
$tableArray = get_logtables($dbLink);
foreach ($tableArray as $table) {
    if ($table == MERGELOGTABLE) {
        continue;
    }
Esempio n. 5
//========================================================================
// BEGIN: HANDLE SET DEFAULT ACCESS REQUEST
//========================================================================
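// Handle the "updateDefaultACL" task: for every row in ACTION_TABLE, read the
// matching "<actionname>_acl" request field and store TRUE/FALSE as that
// action's default access.
//
// The update is attempted only when USE_ACL is enabled and grant_access()
// allows $username to 'edit_acl'.
// NOTE(review): this is a state-changing request; no anti-CSRF token check is
// visible in this block — confirm one is enforced before this code runs.
if (strcasecmp($configTask, "updateDefaultACL") == 0) {
    // Make sure access controls are enabled
    $aclEnabled = defined('USE_ACL') && USE_ACL;
    if (!$aclEnabled) {
        echo "Access control is not enabled.";
    }
    // If conditions are OK then update the default access
    if ($aclEnabled && grant_access($username, 'edit_acl', $dbLink)) {
        $sql = "SELECT * FROM " . ACTION_TABLE;
        $result = perform_query($sql, $dbLink);
        // Writes go through a separate connection opened with the admin account.
        $admLink = db_connect_syslog(DBADMIN, DBADMINPW, 'C');
        while ($row = fetch_array($result)) {
            $actionname = $row['actionname'];
            // Only the two literals below can reach the SQL text for this column.
            $inputVal = (get_input($actionname . '_acl') == 1) ? 'TRUE' : 'FALSE';
            // The action name comes back out of the database and is placed in a
            // new statement, so escape it rather than trusting stored data.
            $safeAction = mysql_real_escape_string($actionname, $admLink);
            $sql = "UPDATE " . ACTION_TABLE . " SET defaultaccess='" . $inputVal . "'\n\t\t\t\tWHERE actionname='" . $safeAction . "'";
            perform_query($sql, $admLink);
        }
        mysql_close($admLink);
        echo "The default access settings have been updated.";
    }
}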
Esempio n. 6
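/**
 * Look up the crc value stored for a mnemonic name in the "mne" table.
 *
 * The name is escaped before it is placed in the statement; previously it was
 * interpolated as-is, so a quote in $mne changed the query.
 *
 * NOTE(review): assumes db_connect_syslog() returns a mysql-extension link
 * (other code in this listing closes such links with mysql_close()) — confirm.
 * NOTE(review): a read-only lookup is made with the DBADMIN account; a
 * lower-privileged account would normally be enough.
 *
 * @param string $mne Mnemonic name to look up.
 * @return mixed The crc column value, or null when no row matches.
 */
function mne2crc($mne)
{
    $dbLink = db_connect_syslog(DBADMIN, DBADMINPW);
    $safeMne = mysql_real_escape_string((string) $mne, $dbLink);
    $sql = "SELECT crc FROM mne WHERE name='{$safeMne}'";
    $result = perform_query($sql, $dbLink, "common_funcs.php");
    $row = fetch_array($result);
    // fetch_array() yields no row when the name is unknown.
    if (!is_array($row) || !isset($row['crc'])) {
        return null;
    }
    return $row['crc'];
}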
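/**
 * Authenticate a login request and populate the session.
 *
 * On success the username is returned and stored in $_SESSION["username"]; on
 * failure the error text is returned, stored in $_SESSION["error"], and
 * $_SESSION['num_login_tries'] is incremented.
 *
 * Changes relative to the previous version:
 *  - Ban expiry was formatted with "h:m:s" (12-hour clock and the month number
 *    in the minutes position); it now uses "H:i:s".
 *  - "local": a username that skipped verify_login() (for example the reserved
 *    "local_noauth") together with a non-empty password produced no error and
 *    was accepted; that path is now rejected.
 *  - "ldap": the username is escaped for the search filter and the bind DN, and
 *    processing stops at the first failure so that privilege data is never
 *    written to the session after a failed bind. A successful bind with no
 *    matching directory entry is rejected.
 *  - Values placed in the local-account SQL are escaped.
 *  - The not-yet-implemented back ends share one branch (they always failed),
 *    and an unknown authtype is now an explicit failure instead of returning
 *    nothing.
 *
 * Open review points (left unchanged on purpose):
 *  - The ban row is inserted but this function does not stop the current
 *    attempt; presumably enforcement happens elsewhere — confirm.
 *  - $_SESSION["token"] keeps the clear-text password, and the LDAP password is
 *    copied into the local table as an unsalted MD5.
 *  - session_id() is stored without regenerating the session on login.
 *  - The "username='******'" literals are shown masked in this listing and are
 *    reproduced verbatim; the real value must be bound or escaped.
 *
 * @param array $postvars Request fields "username", "password", "authtype".
 * @return string|null Username on success, error message on failure.
 */
function auth ($postvars) {
    //Start security update v0.1
    global $appConfig;
    if (!isset($_SESSION['num_login_tries'])) {
        $_SESSION['num_login_tries'] = 0;
    }
    if ($appConfig['ban_ip'] == "on" && $appConfig['max_login_tries'] <= $_SESSION['num_login_tries']) {
        //insert ip into banned table
        $expdate = time() + $appConfig['ban_time'] * 60;
        mysql_query("INSERT INTO banned_ips(bannedIp,expirationDate) VALUES('{$_SERVER['REMOTE_ADDR']}','" . date("Y-m-d H:i:s", $expdate) . "')");
    }

    if ($appConfig['captcha'] == 'on' && $appConfig['num_login_tries'] <= $_SESSION['num_login_tries']) {
        require_once('includes/modules/recaptchalib.php');
        $resp = recaptcha_check_answer(
            $appConfig['captcha_private_key'],
            $_SERVER["REMOTE_ADDR"],
            $_POST["recaptcha_challenge_field"],
            $_POST["recaptcha_response_field"]
        );

        if (!$resp->is_valid) {
            return $_SESSION["error"] = "The CAPTCHA wasn't entered correctly. Go back and try it again." .
            "(CAPTCHA said: " . $resp->error . ")";
        }
    }
    //End security update v0.1

    $error = "";
    $username = stripslashes($postvars["username"]);
    $password = stripslashes($postvars["password"]);
    // Error strings carry markup (<br>, <b>), so the name is escaped for display.
    $usernameHtml = htmlspecialchars($username, ENT_QUOTES);

    if (!(validate_input($username, 'username') && validate_input($password, 'password'))) {
        $_SESSION['num_login_tries'] += 1;
        return $_SESSION["error"] = "Invalid Username or Password";
    }

    switch ($postvars['authtype']) {

        case "local":
            $dbLink = null;
            if ($username && $username !== "local_noauth") {
                $dbLink = db_connect_syslog(DBADMIN, DBADMINPW);
                if ($password && verify_login($username, $password, $dbLink)) {
                    $error = "";
                } else {
                    $error .= " Invalid password for user " . $usernameHtml;
                }
            } else {
                if (trim($username) == "") $error .= "Your username is empty.<br>";
                if (trim($password) == "") $error .= "Your password is empty.";
                // No credential check ran on this path, so it must never succeed.
                if ($error === "") {
                    $error .= "Invalid Username or Password";
                }
            }
            if (trim($error) != "") {
                $_SESSION['num_login_tries'] += 1;
                return $_SESSION["error"] = $error;
            }
            $sql = "SELECT rbac_key FROM " . $_SESSION["TBL_AUTH"] . " WHERE username='******'";
            $result = perform_query($sql, $dbLink, $_SERVER['PHP_SELF']);
            $row = fetch_array($result);
            $_SESSION["rbac"] = $row[0];
            return $_SESSION["username"] = $username;

        case "ldap":
            $dbLink = db_connect_syslog(DBADMIN, DBADMINPW);
            // Load every LDAP* setting into a map so that a missing row yields an
            // empty string instead of an undefined variable.
            $ldapCfg = array();
            $sql = "SELECT name,value FROM settings WHERE name like 'LDAP%'";
            $result = perform_query($sql, $dbLink, "authentication.php - LDAP Auth");
            while ($row = fetch_array($result)) {
                $ldapCfg[$row['name']] = $row['value'];
            }
            $basedn = isset($ldapCfg['LDAP_BASE_DN']) ? $ldapCfg['LDAP_BASE_DN'] : '';
            $cn = isset($ldapCfg['LDAP_CN']) ? $ldapCfg['LDAP_CN'] : '';
            $domain = isset($ldapCfg['LDAP_DOMAIN']) ? $ldapCfg['LDAP_DOMAIN'] : '';
            $ms = isset($ldapCfg['LDAP_MS']) ? $ldapCfg['LDAP_MS'] : '';
            $priv = isset($ldapCfg['LDAP_PRIV']) ? $ldapCfg['LDAP_PRIV'] : '';
            $ro_grp = isset($ldapCfg['LDAP_RO_GRP']) ? $ldapCfg['LDAP_RO_GRP'] : '';
            $rw_grp = isset($ldapCfg['LDAP_RW_GRP']) ? $ldapCfg['LDAP_RW_GRP'] : '';
            $srv = isset($ldapCfg['LDAP_SRV']) ? $ldapCfg['LDAP_SRV'] : '';
            $nuser_grp = isset($ldapCfg['LDAP_DNU_GRP']) ? $ldapCfg['LDAP_DNU_GRP'] : '';
            $list_of_ldapusers_ro = isset($ldapCfg['LDAP_USERS_RO']) ? $ldapCfg['LDAP_USERS_RO'] : '';
            $list_of_ldapusers_rw = isset($ldapCfg['LDAP_USERS_RW']) ? $ldapCfg['LDAP_USERS_RW'] : '';

            // Escape the user-controlled name separately for the two LDAP contexts.
            if (function_exists('ldap_escape')) {
                $filterUser = ldap_escape($username, '', LDAP_ESCAPE_FILTER);
                $dnUser = ldap_escape($username, '', LDAP_ESCAPE_DN);
            } else {
                // Fallback for PHP builds without ldap_escape(): RFC 4515 for the
                // filter value, RFC 4514 backslash pairs for the DN value.
                $filterUser = str_replace(
                    array('\\', '*', '(', ')', "\0"),
                    array('\\5c', '\\2a', '\\28', '\\29', '\\00'),
                    $username
                );
                $dnUser = addcslashes(str_replace("\0", '', $username), "\\,+\"<>;=# ");
            }
            //define an appropriate ldap search filter to find your users, and filter out accounts such as administrator(administrator should be renamed anyway!).
            $filter = "(&(|(!(displayname=Administrator*))(!(displayname=Admin*)))(" . $cn . "=" . $filterUser . "))";
            $dn = $cn . "=" . $dnUser . ", ";
            $dnHtml = htmlspecialchars($dn, ENT_QUOTES);
            $groups = array();
            $info = false;

            $connect = @ldap_connect($srv);
            if (!$connect) {
                $error .= "Could not connect to LDAP server:" . $srv;
            } else {
                switch ($ms) {
                    case "1":
                        ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
                        ldap_set_option($connect, LDAP_OPT_REFERRALS, 0);
                        $bind = @ldap_bind($connect, "$username@" . $domain, $password);
                        break;
                    default:
                        $bind = @ldap_bind($connect, $dn . $basedn, $password);
                }
                if (!$bind) {
                    $error .= " Unable to bind to LDAP Server: <b>" . $srv . "</b><br> <li>DN: $dnHtml<br> <li>BaseDN: " . $basedn . "<br>";
                } elseif (!($sr = @ldap_search($connect, $basedn, $filter))) { #search for user
                    $error .= " Unable to search: <b>" . $srv . "</b><br> <li>DN: $dnHtml<br> <li>BaseDN: " . $basedn . "<br>";
                } else {
                    $info = @ldap_get_entries($connect, $sr);
                    if (!is_array($info) || !isset($info[0])) {
                        // Bind succeeded but the filter returned nothing for this user.
                        $error .= " No directory entry found for this user.<br>";
                    } elseif (isset($info[0]["groupmembership"])) {
                        $groups = $info[0]["groupmembership"];
                    }
                }
            }

            // Privileges are derived only after the directory lookup succeeded.
            if (trim($error) == "" && $priv == "1") {
                if (in_array($rw_grp, $groups)) {
                    $_SESSION["userpriv"] = "rw";
                } elseif (in_array($ro_grp, $groups)) {
                    $_SESSION["userpriv"] = "ro";
                } else {
                    $_SESSION["userpriv"] = "disabled";
                }
                // Explicit per-user lists override the group result; the
                // read-write list is applied last and therefore wins.
                if (strlen($list_of_ldapusers_ro) > 0 && in_array($username, explode(',', $list_of_ldapusers_ro))) {
                    $_SESSION['userpriv'] = 'ro';
                }
                if (strlen($list_of_ldapusers_rw) > 0 && in_array($username, explode(',', $list_of_ldapusers_rw))) {
                    $_SESSION['userpriv'] = 'rw';
                }
                if ($_SESSION['userpriv'] == 'disabled') {
                    $error .= 'User not authorized';
                }
            }

            if (trim($error) != "") {
                $_SESSION['num_login_tries'] += 1;
                return $_SESSION["error"] = $error;
            }

            $fullname = isset($info[0]["cn"][0]) ? $info[0]["cn"][0] : "";
            $fqdn = isset($info[0]["dn"]) ? $info[0]["dn"] : "";

            $_SESSION["username"] = $username;
            $_SESSION["groups"] = $groups;
            // NOTE(review): clear-text password kept in the session; confirm
            // whether any caller still needs it.
            $_SESSION["token"] = $password;
            $_SESSION["fullname"] = $fullname;
            $_SESSION["fqdn"] = $fqdn;
            $flname = explode(" ", $fullname);
            $_SESSION["firstname"] = $flname[0];
            $_SESSION["lastname"] = isset($flname[1]) ? $flname[1] : "";
            $_SESSION["pageId"] = "searchform";

            // Create user locally
            // Add user (if they don't exist)
            $sql = "SELECT username from users where username='******'";
            $result = perform_query($sql, $dbLink, "authentication.php - LDAP");
            $row = fetch_array($result);
            if ($row['username'] !== "$username") {
                // Escaped with the same default mysql link that
                // mysql_affected_rows() below relies on.
                $sqlUser = mysql_real_escape_string($username);
                $sqlPass = mysql_real_escape_string($password);
                $sqlGroup = mysql_real_escape_string($nuser_grp);
                // NOTE(review): this stores an unsalted MD5 of the directory
                // password in the local table.
                $sql = "INSERT IGNORE INTO " . $_SESSION['TBL_AUTH'] . " (username,pwhash) VALUES ('$sqlUser',MD5('$sqlPass'))";
                $result = perform_query($sql, $dbLink, "authentication.php - LDAP");
                if (mysql_affected_rows() !== 1) {
                    $error .= "Unable to add " . $usernameHtml . " to local system";
                } else {
                    $sql = "REPLACE INTO groups (userid, groupname) SELECT (SELECT id FROM users WHERE username='******'),'$sqlGroup'";
                    perform_query($sql, $dbLink, "authentication.php - LDAP");
                    $sql = "REPLACE INTO ui_layout (userid, pagename, col, rowindex, header, content, group_access) SELECT (SELECT id FROM users WHERE username='******'),pagename,col,rowindex,header,content, group_access FROM ui_layout WHERE userid=0";
                    perform_query($sql, $dbLink, "authentication.php - LDAP");
                }
            }

            if (trim($error) != "") {
                $_SESSION['num_login_tries'] += 1;
                return $_SESSION["error"] = $error;
            }
            // Record the current session id and its expiry for this user.
            $sessionId = session_id();
            $expTime = time() + $_SESSION["SESS_EXP"];
            $expTimeDB = date('Y-m-d H:i:s', $expTime);
            $query = "UPDATE ".$_SESSION["TBL_AUTH"]." SET sessionid='".$sessionId."', 
                exptime='".$expTimeDB."' WHERE username='******'";
            $result = perform_query($query, $dbLink, $_SERVER['PHP_SELF']);
            $sql = "SELECT rbac_key FROM " . $_SESSION["TBL_AUTH"] . " WHERE username='******'";
            $result = perform_query($sql, $dbLink, $_SERVER['PHP_SELF']);
            $row = fetch_array($result);
            $_SESSION["rbac"] = $row[0];
            return $_SESSION["username"] = $username;

        case "webbasic":
        case "msad":
        case "cert":
        case "tacacs":
        case "radius":
            // None of these back ends exists yet, so every attempt fails.
            $notImplemented = array(
                "webbasic" => "Web Basic not implemented yet",
                "msad" => "Microsoft Authentication not implemented yet",
                "cert" => "SSL Certificate Authentication not implemented yet",
                "tacacs" => "Tacacs Authentication not implemented yet",
                "radius" => "Radius Authentication not implemented yet",
            );
            $error .= $notImplemented[$postvars['authtype']];
            $_SESSION['num_login_tries'] += 1;
            return $_SESSION["error"] = $error;

        default:
            // Unknown back end: fail closed instead of returning nothing.
            $_SESSION['num_login_tries'] += 1;
            return $_SESSION["error"] = "Invalid Username or Password";
    }
}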