//$qs->AddValidAction("del_alert");
//$qs->AddValidAction("email_alert");
//$qs->AddValidAction("email_alert2");
//$qs->AddValidAction("csv_alert");
//$qs->AddValidAction("archive_alert");
//$qs->AddValidAction("archive_alert2");
//$qs->AddValidActionOp(gettext("Delete Selected"));
//$qs->AddValidActionOp(gettext("Delete ALL on Screen"));
$qs->SetActionSQL($from . $where);
$et->Mark("Initialization");
$qs->RunAction($submit, PAGE_STAT_UADDR, $db);
$et->Mark("Alert Action");
/* Setup the Query Results Table */
$qro = new QueryResultsOutput("base_stat_uaddr.php?caller=" . $caller . "&addr_type=" . $addr_type);
$qro->AddTitle(" ");
$sort_sql = $qro->GetSortSQL($qs->GetCurrentSort(), $qs->GetCurrentCannedQuerySort());
$sql = "(SELECT DISTINCT ip_src, 'S', COUNT(acid_event.cid) as num_events " . $sort_sql[0] . $from . $where . " GROUP BY ip_src HAVING num_events>0 " . $sort_sql[1] . ") UNION (SELECT DISTINCT ip_dst, 'D', COUNT(acid_event.cid) as num_events " . $sort_sql[0] . $from . $where . " GROUP BY ip_dst HAVING num_events>0 " . $sort_sql[1] . ")";
// use accumulate tables only with timestamp criteria
if ($use_ac) {
$where = $more = $sqla = $sqlb = $sqlc = "";
if (preg_match("/timestamp/", $criteria_clauses[1])) {
$where = "WHERE " . str_replace("timestamp", "day", $criteria_clauses[1]);
}
$orderby = str_replace("acid_event.", "", $sort_sql[1]);
// $orderby not included
$sql = "(SELECT DISTINCT ip_src, 'S', sum(cid) as num_events\n\t\tFROM ac_srcaddr_ipsrc {$where} GROUP BY ip_src HAVING num_events>0) UNION \n\t\t(SELECT DISTINCT ip_dst, 'D', sum(cid) as num_events\n\t\tFROM ac_dstaddr_ipdst {$where} GROUP BY ip_dst HAVING num_events>0)";
}
//echo $sql;
//print_r($_SESSION);
/* Run the Query again for the actual data (with the LIMIT) */
$result = $qs->ExecuteOutputQueryNoCanned($sql, $db);