コード例 #1
ファイル: draw_tree.php プロジェクト: jhbsz/ossimTest
             $title = Util::htmlentities($title);
             $tooltip = $s_title;
             $li = "url:'" . $sensor->get_ip() . "', icon:'../../pixmaps/theme/server.png', title:'{$title}', tooltip:'{$tooltip}'\n";
             $buffer .= ($j > 0 ? "," : "") . "{ {$li} }";
             $j++;
         }
     }
     $buffer .= "]";
     if ($buffer == "" || $buffer == "[]") {
         echo "[{title:'" . _("No Sensors Found") . "', noLink:true}]";
     } else {
         echo $buffer;
     }
 } else {
     if ($key == "entities") {
         $entities = Acl::get_entities($conn);
         $entities_types = Acl::get_entities_types($conn);
         $num_entities = count($entities[0]);
         $expand = $num_entities > 0 ? "expand:true" : "expand:false";
         echo "[";
         $flag = false;
         $entities_admin = array();
         if ($num_entities > 0) {
             foreach ($entities[0] as $entity) {
                 $entity_allowed = Acl::entityAllowed($entity['id']);
                 if ($entity['parent_id'] > 0 || $entity['type'] <= 0 || !$entity_allowed) {
                     continue;
                 }
                 if ($flag) {
                     echo ",";
                 }
コード例 #2
ファイル: index.php プロジェクト: jhbsz/ossimTest
// Pro-only setup: collect the logins and entities the current session may work with.
// $pro, $conn, $conn_ossim and $db are assigned outside this excerpt.
if ($pro) {
    // users: $users ends up as a flat list of login names
    $users = array();
    if (Session::am_i_admin()) {
        // Admin branch: the full list from Session::get_list(); entries are read as objects (->login).
        $users_list = Session::get_list($conn_ossim);
        foreach ($users_list as $user_data) {
            $users[] = $user_data->login;
        }
    } else {
        // Non-admin branch: only what Acl::get_my_users() returns for the session user;
        // entries are read as arrays (["login"]), unlike the admin branch.
        $users_list = Acl::get_my_users($conn_ossim, Session::get_session_user());
        foreach ($users_list as $user_data) {
            $users[] = $user_data["login"];
        }
    }
    // entities: the complete entity list plus the subset returned for the session user by
    // Acl::get_entities_admin(); $entities_list keeps only that subset's array keys.
    // NOTE(review): presumably those keys are entity ids - confirm against Acl::get_entities_admin().
    list($entities_all, $num_entities) = Acl::get_entities($conn_ossim);
    list($entities_admin, $num) = Acl::get_entities_admin($conn_ossim, Session::get_session_user());
    $entities_list = array_keys($entities_admin);
}
// Both database connections are released here, before the HTML below is emitted.
$db->close($conn);
$db->close($conn_ossim);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
	<head>
		<title><?php 
echo _('Backup');
?>
</title>
 		<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
  		<meta http-equiv="Pragma" content="no-cache">
コード例 #3
// Request parameters for the listing. GET()/POST() are project helpers defined elsewhere.
// NOTE(review): presumably they return the raw request value - confirm; nothing read here
// should reach SQL or HTML before it has passed ossim_valid() or been cast.
$directive_id = GET('directive_id');
// Cast to int right away, so the OSS_DIGIT check on $intent further down receives an integer.
$intent = intval(GET('intent'));
$sensor_query = GET('sensor_query');
$tag = GET('tag');
$num_events = GET('num_events');
$num_events_op = GET('num_events_op');
$date_from = GET('date_from');
$date_to = GET('date_to');
$ds_id = GET('ds_id');
$ds_name = GET('ds_name');
$beep = intval(GET('beep'));
// The only value in this excerpt that is taken from the POST body.
$sec = POST('sEcho');
//$tags            = Tags::get_list($conn);
$tags_html = Tags::get_list_html($conn);
// The entity list is only loaded on pro installs that show entities.
if (Session::is_pro() && Session::show_entities()) {
    list($entities, $_children, $_num_ent) = Acl::get_entities($conn, '', '', true, false);
}
// Allow-list validation: each call names the character classes accepted for one parameter and
// the label used in the 'illegal:' message. $order, $torder, $delete, $close, $open, $delete_day,
// $query, $autorefresh, $refresh_time, $src_ip, $dst_ip and $inf are assigned before this excerpt.
// NOTE(review): no ossim_valid() call is visible here for $sensor_query, $tag, $num_events,
// $num_events_op, $date_from, $date_to, $ds_id, $ds_name or $sec - confirm they are validated
// further down. The check that stops the request when validation fails is also outside this excerpt.
ossim_valid($order, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("Order"));
ossim_valid($torder, OSS_ALPHA, OSS_NULLABLE, 'illegal:' . _("Order Direction"));
ossim_valid($delete, OSS_HEX, OSS_NULLABLE, 'illegal:' . _("Delete"));
ossim_valid($close, OSS_HEX, OSS_NULLABLE, 'illegal:' . _("Close"));
ossim_valid($open, OSS_HEX, OSS_NULLABLE, 'illegal:' . _("Open"));
ossim_valid($delete_day, OSS_ALPHA, OSS_SPACE, OSS_PUNC, OSS_NULLABLE, 'illegal:' . _("Delete_day"));
// $query has the widest allow-list in this excerpt (letters, extended punctuation, spaces).
ossim_valid($query, OSS_ALPHA, OSS_PUNC_EXT, OSS_SPACE, OSS_NULLABLE, 'illegal:' . _("Query"));
ossim_valid($autorefresh, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("Autorefresh"));
ossim_valid($refresh_time, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("Refresh_time"));
ossim_valid($directive_id, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("Directive_id"));
ossim_valid($intent, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("Intent"));
ossim_valid($src_ip, OSS_IP_ADDRCIDR_0, OSS_NULLABLE, 'illegal:' . _("Src_ip"));
ossim_valid($dst_ip, OSS_IP_ADDRCIDR_0, OSS_NULLABLE, 'illegal:' . _("Dst_ip"));
ossim_valid($inf, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("Inf"));
コード例 #4
ファイル: user_form.php プロジェクト: alienfault/ossim
/* Version: the pro flag selects between the entity/template form and the menu-permission form below */
$pro = Session::is_pro();
// Timezone list for the form, sorted alphabetically.
// 4095 is the value of DateTimeZone::ALL_WITH_BC (all regions plus backwards-compatible names).
$tzlist = timezone_identifiers_list(4095);
sort($tzlist);
// Login methods offered in the form: internal key => translated label.
$lm_list = array('ldap' => _('LDAP'), 'pass' => _('PASSWORD'));
// Entities and templates; the two flags are set to 1 when the matching list comes back empty.
$noentities = 0;
$notemplates = 0;
if ($pro) {
    // Entities the current session is allowed to assign to a user.
    $entity_list = Session::get_entities_to_assign($conn);
    if (count($entity_list) < 1) {
        $noentities = 1;
    }
    list($entities_all, $num_entities_all) = Acl::get_entities($conn, '', '', FALSE, FALSE);
    $templates = array();
    list($templates, $num_templates) = Session::get_templates($conn);
    if (count($templates) < 1) {
        // Placeholder entry with an empty id, used when no template exists.
        $templates[0] = array('id' => '', 'name' => ' -- ' . _('No templates found') . ' -- ');
        $notemplates = 1;
    }
} else {
    // Non-pro installs load the menu permission list instead of entities and templates.
    list($menu_perms, $perms_check) = Session::get_menu_perms($conn);
}
// Initialise the form state. The session key is reset on every load.
// NOTE(review): presumably 'user_in_db' marks the account currently being edited - confirm where it is read.
$_SESSION['user_in_db'] = NULL;
$login = '';
$uuid = '';
$user_name = '';
$email = '';
コード例 #5
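/**
 * Builds a run of JavaScript object literals, one per entity, in the form
 * { txt:"<name>", id:"<id>"}, with a comma after each literal.
 *
 * Entities are only loaded when the configured server version matches
 * "pro" or "demo" (case-insensitive).
 *
 * @param mixed $conn Database connection, passed through to Acl::get_entities().
 *
 * @return string|null The concatenated literals, or NULL when the install is
 *                     not pro/demo or no entity could be rendered.
 */
function get_json_entities($conn)
{
    require_once 'av_init.php';
    $json_entities = NULL;
    // Reuse the shared configuration object when one is registered; isset() avoids a
    // notice when the global has not been set yet.
    $conf = isset($GLOBALS["CONF"]) ? $GLOBALS["CONF"] : NULL;
    if (!$conf) {
        $conf = new Ossim_conf();
    }
    $version = $conf->get_conf("ossim_server_version", FALSE);
    $pro = preg_match("/pro|demo/i", $version) === 1;
    if (!$pro) {
        return $json_entities;
    }
    list($entities_all, $num_entities) = Acl::get_entities($conn, '', '', FALSE, FALSE);
    if (!is_array($entities_all) || empty($entities_all)) {
        return $json_entities;
    }
    // The values land inside a JavaScript string literal, so they are encoded with
    // json_encode(); the HEX flags also keep <, >, &, ' and " out of the output in case the
    // result is written into an HTML page.
    // NOTE(review): confirm the caller does not apply its own escaping on top of this.
    $flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    // Fix: the loop variable used to be $entity_id while the body read from an undefined
    // $entity, so every literal was emitted with empty txt and id.
    foreach ($entities_all as $entity) {
        if (!is_array($entity)) {
            continue;
        }
        $entity_text = json_encode(isset($entity["name"]) ? (string) $entity["name"] : '', $flags);
        $entity_id = json_encode(isset($entity["id"]) ? (string) $entity["id"] : '', $flags);
        if ($entity_text === FALSE || $entity_id === FALSE) {
            // json_encode() rejects strings that are not valid UTF-8; skip the entry rather
            // than emit a malformed literal.
            continue;
        }
        // json_encode() already supplies the surrounding double quotes.
        $json_entities .= '{ txt:' . $entity_text . ', id:' . $entity_id . '},';
    }
    return $json_entities;
}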
コード例 #6
        echo $url;
        ?>
" />
	<?php 
    } elseif (Acl::am_i_proadmin()) {
        // pro admin
        //users
        $users_admin = Acl::get_my_users($dbconn, Session::get_session_user());
        foreach ($users_admin as $u) {
            //	if($u["login"]!=Session::get_session_user()){
            $users_pro_login[] = $u["login"];
            //	}
        }
        //if(!in_array(Session::get_session_user(), $users_pro_login) && $incident_in_charge!=Session::get_session_user())   $users_pro_login[] = Session::get_session_user();
        //entities
        list($entities_all, $num_entities) = Acl::get_entities($dbconn);
        list($entities_admin, $num) = Acl::get_entities_admin($dbconn, Session::get_session_user());
        $entities_list = array_keys($entities_admin);
        $entities_types_aux = Acl::get_entities_types($dbconn);
        $entities_types = array();
        foreach ($entities_types_aux as $etype) {
            $entities_types[$etype['id']] = $etype;
        }
        //save entities for proadmin
        foreach ($entities_all as $entity) {
            if (in_array($entity["id"], $entities_list)) {
                $entities_pro[$entity["id"]] = $entity["name"] . " [" . $entities_types[$entity["type"]]["name"] . "]";
            }
        }
        // filter users
        $users_pro = array();
コード例 #7
ファイル: manage_jobs.php プロジェクト: jhbsz/ossimTest
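/**
 * Renders the scan-job management page: the "New Scan Job" / "Run Scan Now" buttons, the
 * "Scheduled Jobs" table read from vuln_job_schedule, the job lists printed by all_jobs(),
 * the legend and the pager.
 *
 * @param mixed  $viewall Not used by the active code.
 * @param string $sortby  Column to order the schedule table by. Values that are not in the
 *                        allow-list below fall back to t1.id.
 * @param string $sortdir "ASC" or "DESC" (case-insensitive); anything else becomes "DESC".
 *
 * @return void Output is echoed directly.
 */
function main_page($viewall, $sortby, $sortdir)
{
    global $uroles, $username, $dbconn, $hosts;
    global $arruser, $user;
    $tz = Util::get_timezone();
    // ORDER BY cannot take bound parameters, so both sort inputs are reduced to fixed values
    // before they reach the query text. Keys are lower-cased names from the SELECT list below;
    // an optional "t1." prefix is accepted.
    $sort_columns = array(
        'id'            => 't1.id',
        'name'          => 't1.name',
        'profile'       => 'profile',
        'schedule_type' => 't1.schedule_type',
        'meth_target'   => 't1.meth_TARGET',
        'meth_vset'     => 't1.meth_VSET',
        'meth_timeout'  => 't1.meth_TIMEOUT',
        'username'      => 't1.username',
        'enabled'       => 't1.enabled',
        'next_check'    => 't1.next_CHECK',
        'email'         => 't1.email',
    );
    $sort_key = strtolower(trim((string) $sortby));
    if (strpos($sort_key, 't1.') === 0) {
        $sort_key = substr($sort_key, 3);
    }
    // An empty or unknown column sorts by id, as the empty case did before.
    $sortby = isset($sort_columns[$sort_key]) ? $sort_columns[$sort_key] : 't1.id';
    // An empty or unknown direction sorts descending, as the empty case did before.
    $sortdir = strtoupper(trim((string) $sortdir)) == "ASC" ? "ASC" : "DESC";
    $sql_order = "order by {$sortby} {$sortdir}";
    echo "<center>";
    status($arruser, $user);
    echo "<br>";
    echo "<form>";
    echo "<input type=\"button\" onclick=\"document.location.href='sched.php?smethod=schedule&hosts_alive=1&scan_locally=1'\" value=\"" . _("New Scan Job") . "\" class=\"button\">";
    echo "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
    echo "<input type=\"button\" onclick=\"document.location.href='sched.php?smethod=inmediately&hosts_alive=1&scan_locally=1'\" value=\"" . _("Run Scan Now") . "\" class=\"button\">";
    echo "</form>";
    echo "</center>";
    echo "<br>";
    $schedulejobs = _("Scheduled Jobs");
    echo <<<EOT
   <center>
   <table cellspacing="0" cellpadding="0" border="0" width="90%"><tr><td class="headerpr" style="border:0;">{$schedulejobs}</td></tr></table>
   <table cellspacing="2" width="90%" summary="Job Schedules" 
        border=0 cellspacing="0" cellpadding="0">
EOT;
    // The header links request the opposite direction of the one used for this render.
    if ($sortdir == "ASC") {
        $sortdir = "DESC";
    } else {
        $sortdir = "ASC";
    }
    // Header cells as (sort key, label). The links used to send the translated label as
    // sortby, which is not a column name; they now send a key from $sort_columns.
    // "Time" and "Next Scan" are both derived from next_CHECK, so they share its key.
    $arr = array(
        array('name', _("Name")),
        array('schedule_type', _("Schedule Type")),
        array('next_check', _("Time")),
        array('next_check', _("Next Scan")),
        array('enabled', _("Status")),
    );
    // modified by hsh to return all scan schedules
    // Admins see every schedule; everyone else is restricted by the username filter.
    if (in_array("admin", $arruser)) {
        $query = "SELECT t2.name as profile, t1.meth_TARGET, t1.id, t1.name, t1.schedule_type, t1.meth_VSET, t1.meth_TIMEOUT, t1.username, t1.enabled, t1.next_CHECK, t1.email\n              FROM vuln_job_schedule t1 LEFT JOIN vuln_nessus_settings t2 ON t1.meth_VSET=t2.id ";
    } else {
        // NOTE(review): the global $user is interpolated into the SQL text. How it is built is
        // not visible here (it may already be a quoted list for IN); confirm every element is
        // escaped or bound where it is assembled.
        $query = "SELECT t2.name as profile, t1.meth_TARGET, t1.id, t1.name, t1.schedule_type, t1.meth_VSET, t1.meth_TIMEOUT, t1.username, t1.enabled, t1.next_CHECK, t1.email\n              FROM vuln_job_schedule t1 LEFT JOIN vuln_nessus_settings t2 ON t1.meth_VSET=t2.id WHERE username in ('{$user}') ";
    }
    $query .= $sql_order;
    $result = $dbconn->execute($query);
    if ($result->EOF) {
        echo "<tr><td height='20' class='nobborder' style='text-align:center;'>" . _("No Scheduled Jobs") . "</td></tr>";
    }
    if (!$result->EOF) {
        echo "<tr>";
        foreach ($arr as $header) {
            list($header_key, $header_label) = $header;
            echo "<th><a href=\"manage_jobs.php?sortby={$header_key}&sortdir={$sortdir}\">{$header_label}</a></th>";
        }
        echo "<th>" . _("Action") . "</th></tr>";
    }
    while (!$result->EOF) {
        // NOTE(review): this assignment overwrites the global $user with the job owner of each
        // row. Anything that reads the global afterwards sees the last row's owner - confirm
        // that all_jobs() below does not depend on it.
        list($profile, $targets, $schedid, $schedname, $schedtype, $sid, $timeout, $user, $schedstatus, $nextscan, $servers) = $result->fields;
        $tz = intval($tz);
        // Shift the stored next-check time by the user's timezone offset, given in hours.
        $nextscan = gmdate("Y-m-d H:i:s", Util::get_utc_unixtime($dbconn, $nextscan) + 3600 * $tz);
        preg_match("/\\d+\\-\\d+\\-\\d+\\s(\\d+:\\d+:\\d+)/", $nextscan, $found);
        // An empty string is shown when the timestamp did not match, instead of reading a missing index.
        $time = isset($found[1]) ? $found[1] : '';
        // Human-readable label for the schedule type code.
        switch ($schedtype) {
            case "N":
                $stt = _("Once (Now)");
                break;
            case "O":
                $stt = _("Once");
                break;
            case "D":
                $stt = _("Daily");
                break;
            case "W":
                $stt = _("Weekly");
                break;
            case "M":
                $stt = _("Monthly");
                break;
            case "Q":
                $stt = _("Quarterly");
                break;
            case "H":
                $stt = _("On Hold");
                break;
            case "NW":
                $stt = _("N<sup>th</sup> weekday of the month");
                break;
            default:
                $stt = "&nbsp;";
                break;
        }
        // The toggle link always points at the opposite of the current enabled state.
        // NOTE(review): enabling, disabling and deleting are plain GET links; whether the
        // handlers check a request token is not visible in this function.
        switch ($schedstatus) {
            case "1":
                $itext = _("Disable Scheduled Job");
                $isrc = "images/stop2.png";
                $ilink = "manage_jobs.php?disp=setstatus&schedid={$schedid}&enabled=0";
                break;
            default:
                $itext = _("Enable Scheduled Job");
                $isrc = "images/play.png";
                $ilink = "manage_jobs.php?disp=setstatus&schedid={$schedid}&enabled=1";
                break;
        }
        if ($schedstatus) {
            $txt_enabled = "<td><a href=\"{$ilink}\"><font color=\"green\">" . _("Enabled") . "</font></a></td>";
        } else {
            $txt_enabled = "<td><a href=\"{$ilink}\"><font color=\"red\">" . _("Disabled") . "</font></a></td>";
        }
        // An all-digit owner is looked up through Acl::get_entities() and replaced by that entity's name.
        if (preg_match('/^\\d+$/', $user)) {
            list($entities_all, $num_entities) = Acl::get_entities($dbconn, $user);
            $user = $entities_all[$user]['name'];
        }
        echo <<<EOT
<tr>
EOT;
        if ($profile == "") {
            $profile = _("Default");
        }
        // NOTE(review): $user, $servers, $profile and $schedname come from the database and are
        // written into the page without HTML encoding, both inside the txt="..." attribute and
        // as the link text. The attribute itself carries markup, so its values likely need
        // encoding for the attribute and again for the markup it holds - confirm how the
        // tooltip script consumes it, and what tooltip_hosts() returns, before changing this line.
        echo "<td><a style=\"text-decoration:none;\" href=\"javascript:;\" txt=\"<b>" . _("Owner") . ":</b> {$user}<br><b>" . _("Server") . ":</b> {$servers}<br /><b>" . _("Scheduled Job ID") . ":</b> {$schedid}<br><b>" . _("Profile") . ":</b> {$profile}<br><b>" . _("Targets") . ":</b><br>" . tooltip_hosts($targets, $hosts) . "\" class=\"scriptinfo\">{$schedname}</a></td>";
        ?>
    <td><?php 
        echo $stt;
        ?>
</td>
    <td><?php 
        echo $time;
        ?>
</td>
    <td><?php 
        echo $nextscan;
        ?>
</td>
<?php 
        echo <<<EOT
    {$txt_enabled}
    <td style="padding-top:2px;"><a href="{$ilink}"><img alt="{$itext}" src="{$isrc}" border=0 title="{$itext}"></a>&nbsp;
EOT;
        echo "<a href='sched.php?disp=edit_sched&sched_id={$schedid}&amp;hmenu=Vulnerabilities&amp;smenu=Jobs'><img src='images/pencil.png' title='" . gettext("Edit Scheduled") . "'></a>&nbsp;";
        echo "<a href='manage_jobs.php?disp=delete&amp;schedid={$schedid}' onclick='return confirmDelete();'><img src='images/delete.gif' title='" . gettext("Delete Scheduled") . "'></a></td>";
        echo <<<EOT
</tr>
EOT;
        $result->MoveNext();
    }
    echo <<<EOT
</table></center>
EOT;
    echo "<br>";
    // The page number comes straight from the query string and is echoed into the pager
    // below, so it is forced to a positive integer here. A missing or empty value means page 1.
    $page = isset($_GET['page']) && $_GET['page'] != "" ? intval($_GET['page']) : 1;
    if ($page < 1) {
        $page = 1;
    }
    $pagesize = 10;
    if ($username == "admin") {
        $query = "SELECT count(id) as num FROM vuln_jobs";
    } else {
        // NOTE(review): the username literal below looks redacted in this copy of the file; as
        // written, non-admins count the jobs of the literal user '******'. If it is restored to
        // the real username, bind or escape the value rather than interpolating it.
        $query = "SELECT count(id) as num FROM vuln_jobs where username='******'";
    }
    $result = $dbconn->Execute($query);
    $jobCount = $result->fields["num"];
    $num_pages = ceil($jobCount / $pagesize);
    all_jobs(0, 10, "R");
    // only running jobs
    ?>
<br />
<?php 
    // Current page of the job list; the return value decides whether the pager is shown.
    $out = all_jobs(($page - 1) * $pagesize, $pagesize);
    ?>
<table width="90%" align="center" class="transparent">
    <tr><td style="text-align:center;padding-top:5px;" class="nobborder">
        <a href="javascript:;" onclick="$('#legend').toggle();$('#message_show').toggle();$('#message_hide').toggle();" colspan="2"><img src="../pixmaps/arrow_green.gif" align="absmiddle" border="0">
            <span id="message_show"><?php 
    echo _("Show legend");
    ?>
</span>
            <span id="message_hide" style="display:none"><?php 
    echo _("Hide legend");
    ?>
</span>
        </a>
        </td>
        <td class="nobborder" valign="top" style="padding-top:5px;">
        <?php 
    // Pager: First/Previous are plain text on the first page, Next/Last on the last page.
    if ($out != 0 && $num_pages != 1) {
        if ($page == 1 && $page == $num_pages) {
            echo '<center><< ' . _("First") . ' <' . _(" Previous") . '&nbsp;&nbsp;&nbsp;[' . $page . ' ' . _("of") . ' ' . $num_pages . ']&nbsp;&nbsp;&nbsp;' . _("Next") . ' >&nbsp;' . _("Last") . ' >></center>';
        } elseif ($page == 1) {
            echo '<center><< ' . _("First") . ' < ' . _("Previous") . '&nbsp;&nbsp;&nbsp;[' . $page . ' ' . _("of") . ' ' . $num_pages . ']&nbsp;&nbsp;&nbsp;<a href="manage_jobs.php?page=' . ($page + 1) . '">' . _("Next") . ' ></a>&nbsp;<a href="manage_jobs.php?page=' . $num_pages . '">' . _("Last") . ' >></a></center>';
        } elseif ($page == $num_pages) {
            echo '<center><a href="manage_jobs.php?page=1"><< ' . _("First") . '</a>&nbsp;<a href="manage_jobs.php?page=' . ($page - 1) . '">< ' . _("Previous") . '</a>&nbsp;&nbsp;&nbsp;[' . $page . ' ' . _("of") . ' ' . $num_pages . ']&nbsp;&nbsp;&nbsp;' . _("Next") . '>&nbsp;' . _("Last") . ' >></center>';
        } else {
            echo '<center><a href="manage_jobs.php?page=1"><< ' . _("First") . '</a>&nbsp;<a href="manage_jobs.php?page=' . ($page - 1) . '">< ' . _("Previous") . '</a>&nbsp;&nbsp;&nbsp;[' . $page . ' ' . _("of") . ' ' . $num_pages . ']&nbsp;&nbsp;&nbsp;<a href="manage_jobs.php?page=' . ($page + 1) . '">' . _("Next") . ' ></a>&nbsp;<a href="manage_jobs.php?page=' . $num_pages . '">' . _("Last") . ' >></a></center>';
        }
    }
    ?>
        </td>
    </tr>
    <tr>
        <td width="110" class="nobborder">
            <table width="100%" cellpadding="3" cellspacing="3" id="legend" style="display:none;">
                <tr>       
                    <th colspan="2" style="padding-right: 3px;">
                        <div style="float: left; width: 60%; text-align: right;padding-top:3px;"><b><?php 
    echo _("Legend");
    ?>
</b></div>
                        <div style="float: right; width: 18%; padding-top: 2px; padding-bottom: 2px; text-align: right;"><a style="cursor: pointer; text-align: right;" onclick="$('#legend').toggle();$('#message_show').toggle();$('#message_hide').toggle();"><img src="../pixmaps/cross-circle-frame.png" alt="Close" title="Close" align="absmiddle" border="0"></a></div>
                    </th>
                </tr>
                <tr>
                    <td bgcolor="#EFFFF7" style="border:1px solid #999999" width="25%"></td><td class="nobborder"  width="75%" style="text-align:left;padding-left:7px;"><?php 
    echo _("Completed");
    ?>
</td>
                </tr>
                <tr>
                    <td bgcolor="#EFE1E0" style="border:1px solid #999999" width="25%"></td><td class="nobborder"  width="75%" style="text-align:left;padding-left:7px;"><?php 
    echo _("Failed");
    ?>
</td>
                </tr>
                <tr>
                    <td bgcolor="#D1E7EF" style="border:1px solid #999999" width="25%"></td><td class="nobborder"  width="75%" style="text-align:left;padding-left:7px;"><?php 
    echo _("Running");
    ?>
</td>
                </tr>
                <tr>
                    <td bgcolor="#DFF7FF" style="border:1px solid #999999" width="25%"></td><td class="nobborder"  width="75%" style="text-align:left;padding-left:7px;"><?php 
    echo _("Scheduled");
    ?>
</td>
                </tr>
                <tr>
                    <td bgcolor="#FFFFDF" style="border:1px solid #999999" width="25%"></td><td class="nobborder"  width="75%" style="text-align:left;padding-left:7px;"><?php 
    echo _("Timeout");
    ?>
</td>
                </tr> 
            </table>
        </td>
        <td class="nobborder">&nbsp;
        </td>
    </tr>
</table>
<?php 
}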