public function search($params) { $query = AccessLogSqlInject::find(); $dataProvider = new ActiveDataProvider(['query' => $query, 'db' => \Yii::$app->db1, 'sort' => ['defaultOrder' => ['request_time' => SORT_DESC]]]); $this->load($params); if (!$this->validate()) { return $dataProvider; } if ($this->request_time) { $this->start_date = $this->request_time; $this->end_date = date('Y-m-d 00:00:00', strtotime('+1 day', strtotime($this->start_date))); } $query->andFilterWhere(['source' => $this->source]); $query->andFilterWhere(['log_type' => $this->log_type]); $query->andFilterWhere(['user_ip' => $this->user_ip]); $query->andFilterWhere(['>=', 'request_time', $this->start_date]); $query->andFilterWhere(['<', 'request_time', $this->end_date]); return $dataProvider; }
public static function addSqlInjectLog($access_str, $source, $short_name, $request_url, $request_time, $user_ip1) { $url_preg = preg_match("/.*?[\\?](.*?)\$/", $request_url, $mat); //没有参数直接返回 if ($url_preg == false) { return; } $parm_url = empty($mat[1]) ? "" : $mat[1]; $match_rs = preg_match("/\\+|%20|\\/bin\\/|Match1:|webscan\\.|\\'|\\/\\*|\\.\\.\\/|\\.\\/|union|into|load_file|outfile/i", $parm_url); if ($match_rs == false) { return; } $ai = new AccessLogSqlInject(); $ai->access_str = $access_str; $ai->user_ip = $user_ip1; $ai->source = strval($source); $ai->log_type = $short_name; $ai->request_time = $request_time; $ai->save(); }
/** * 获得首页要显示的访问情况 */ public static function pageAttackEcharts() { //获得总的攻击信息记录数 $sqlattack = AccessLogSqlInject::find()->count(); //获得访问出错的数据 $query = new Query(); $dateString = $query->select("count(*) nums,error_status")->from('AccessLogErrorStatus')->groupBy("error_status")->orderBy("nums desc")->all(\Yii::$app->db1); if (empty($dateString)) { return []; } $otherCountry = []; $otherCountry['categories'][] = '注入'; //$otherCountry['series']['data'][] = ['url' => Url::toRoute('/nginx/sqlattack'), 'name' => '注入', 'y' => floatval($sqlattack)]; $otherCountry['series']['data'][] = floatval($sqlattack); foreach ($dateString as $oneDate) { $otherCountry['categories'][] = $oneDate['error_status']; //$otherCountry['series']['data'][] = ['url' => Url::toRoute('/nginx/errorstatus') . '?AccessLogErrorStatusSearch%5Berror_status%5D=' . $oneDate['error_status'], 'name' => $oneDate['error_status'], 'y' => floatval($oneDate['nums'])]; $otherCountry['series']['data'][] = floatval($oneDate['nums']); } $otherCountry['series']['name'] = '数量'; $otherCountry['series']['type'] = 'bar'; $otherCountry['series']['itemStyle'] = ['normal' => ['label' => ['show' => true, 'position' => 'top']]]; return $otherCountry; }