public function search($params)
{
$query = AccessLogSqlInject::find();
$dataProvider = new ActiveDataProvider(['query' => $query, 'db' => \Yii::$app->db1, 'sort' => ['defaultOrder' => ['request_time' => SORT_DESC]]]);
$this->load($params);
if (!$this->validate()) {
return $dataProvider;
}
if ($this->request_time) {
$this->start_date = $this->request_time;
$this->end_date = date('Y-m-d 00:00:00', strtotime('+1 day', strtotime($this->start_date)));
}
$query->andFilterWhere(['source' => $this->source]);
$query->andFilterWhere(['log_type' => $this->log_type]);
$query->andFilterWhere(['user_ip' => $this->user_ip]);
$query->andFilterWhere(['>=', 'request_time', $this->start_date]);
$query->andFilterWhere(['<', 'request_time', $this->end_date]);
return $dataProvider;
}
public static function addSqlInjectLog($access_str, $source, $short_name, $request_url, $request_time, $user_ip1)
{
$url_preg = preg_match("/.*?[\\?](.*?)\$/", $request_url, $mat);
//没有参数直接返回
if ($url_preg == false) {
return;
}
$parm_url = empty($mat[1]) ? "" : $mat[1];
$match_rs = preg_match("/\\+|%20|\\/bin\\/|Match1:|webscan\\.|\\'|\\/\\*|\\.\\.\\/|\\.\\/|union|into|load_file|outfile/i", $parm_url);
if ($match_rs == false) {
return;
}
$ai = new AccessLogSqlInject();
$ai->access_str = $access_str;
$ai->user_ip = $user_ip1;
$ai->source = strval($source);
$ai->log_type = $short_name;
$ai->request_time = $request_time;
$ai->save();
}
/**
* 获得首页要显示的访问情况
*/
public static function pageAttackEcharts()
{
//获得总的攻击信息记录数
$sqlattack = AccessLogSqlInject::find()->count();
//获得访问出错的数据
$query = new Query();
$dateString = $query->select("count(*) nums,error_status")->from('AccessLogErrorStatus')->groupBy("error_status")->orderBy("nums desc")->all(\Yii::$app->db1);
if (empty($dateString)) {
return [];
}
$otherCountry = [];
$otherCountry['categories'][] = '注入';
//$otherCountry['series']['data'][] = ['url' => Url::toRoute('/nginx/sqlattack'), 'name' => '注入', 'y' => floatval($sqlattack)];
$otherCountry['series']['data'][] = floatval($sqlattack);
foreach ($dateString as $oneDate) {
$otherCountry['categories'][] = $oneDate['error_status'];
//$otherCountry['series']['data'][] = ['url' => Url::toRoute('/nginx/errorstatus') . '?AccessLogErrorStatusSearch%5Berror_status%5D=' . $oneDate['error_status'], 'name' => $oneDate['error_status'], 'y' => floatval($oneDate['nums'])];
$otherCountry['series']['data'][] = floatval($oneDate['nums']);
}
$otherCountry['series']['name'] = '数量';
$otherCountry['series']['type'] = 'bar';
$otherCountry['series']['itemStyle'] = ['normal' => ['label' => ['show' => true, 'position' => 'top']]];
return $otherCountry;
}
