コード例 #1
0
function load_users($dbconn)
{
    $users = Session::get_users_to_assign($dbconn);
    foreach ($users as $user) {
        $json_users .= '{ "txt":"' . utf8_encode($user->get_name()) . ' [User]", "id": "u_' . $user->get_login() . '" },';
    }
    return $json_users;
}
コード例 #2
0
ファイル: settings.php プロジェクト: jhbsz/ossimTest
function edit_autoenable($sid)
{
    global $dbconn, $username, $version;
    navbar($sid);
    $query = "select id, name, description, autoenable, type, owner, auto_cat_status, auto_fam_status, update_host_tracker\n      FROM vuln_nessus_settings where id={$sid}";
    $result = $dbconn->execute($query);
    echo <<<EOT
<form method="post" action="settings.php">
<input type="hidden" name="disp" value="update">
<input type="hidden" name="sid" value="{$sid}">
EOT;
    list($sid, $sname, $sdescription, $sautoenable, $stype, $sowner, $auto_cat_status, $auto_fam_status, $tracker) = $result->fields;
    //if($stype=='G') { $stc = "checked"; }  else { $stc = ""; }
    if (is_numeric($sowner) && intval($sowner) != 0) {
        $entity = $sowner;
    } else {
        $user = $sowner;
    }
    if ($tracker == '1') {
        $cktracker = "checked";
    } else {
        $cktracker = "";
    }
    echo <<<EOT
<center>
<table>
<tr>
EOT;
    echo "<th>" . _("Name") . ":</th>";
    echo '
   <td><input type="text" name="sname" value="' . html_entity_decode($sname) . '" size=50/>
</tr>
<tr>
';
    echo "<th>" . _("Description") . ":</th>";
    echo '
   <td><input type="text" name="sdescription" value="' . html_entity_decode($sdescription) . '" size=50/></td>
</tr>';
    $users = Session::get_users_to_assign($dbconn);
    $entities = Session::am_i_admin() || $pro && Acl::am_i_proadmin() ? Session::get_entities_to_assign($dbconn) : null;
    ?>
	<tr>
        <th><?php 
    echo _("Make this profile available for");
    ?>
:</th>
        <td>
			<table cellspacing="0" cellpadding="0" align='center' class="transparent">
				<tr>
					<td class='nobborder'><span style='margin-right:3px'><?php 
    echo _("User:"******"user" style="width:150px" id="user" onchange="switch_user('user');return false;" >
							
							<?php 
    $num_users = 0;
    $current_user = Session::get_session_user();
    if (!Session::am_i_admin()) {
        $user = $user == "" && $entity == "" ? $current_user : $user;
    }
    foreach ($users as $k => $v) {
        $login = $v->get_login();
        $selected = $login == $user ? "selected='selected'" : "";
        $options .= "<option value='" . $login . "' {$selected}>{$login}</option>\n";
        $num_users++;
    }
    if ($num_users == 0) {
        echo "<option value='-1' style='text-align:center !important;'>- " . _("No users found") . " -</option>";
    } else {
        echo "<option value='-1' style='text-align:center !important;'>- " . _("Select users") . " -</option>";
        if (Session::am_i_admin()) {
            $default_selected = ($user == "" || intval($user) == 0) && $entity == "" ? "selected='selected'" : "";
            echo "<option value='0' {$default_selected}>" . _("ALL") . "</option>\n";
        }
        echo $options;
    }
    ?>
						</select>
					</td>
			
					<?php 
    if (!empty($entities)) {
        ?>
					<td style='text-align:center; border:none; !important'><span style='padding:5px;'><?php 
        echo _("OR");
        ?>
<span></td>
									
					<td class='nobborder'><span style='margin-right:3px'><?php 
        echo _("Entity:");
        ?>
</span></td>
					<td class='nobborder'>	
						<select name="entity" style="width:170px" id="entity" onchange="switch_user('entity');return false;">
							<option value="-1" style='text-align:center !important;'>- <?php 
        echo _("Entity not assigned");
        ?>
 -</option>
							<?php 
        foreach ($entities as $k => $v) {
            $selected = $k == $user_entity ? "selected='selected'" : "";
            echo "<option value='{$k}' {$selected}>{$v}</option>";
        }
        ?>
						</select>
					</td>
						<?php 
    }
    ?>
				</tr>
			</table>
		</td>
	</tr>

<?php 
    echo "<tr style='display:none'>";
    echo "<th>" . _("Link scans run by this profile in Network Hosts") . "<br>" . _("Purpose so that Network Hosts can be tracking full/perfered audits") . ".</th>";
    echo "<td class='left'><input type='checkbox' name='tracker' {$cktracker}/><font color='red'>" . _("Update Host Tracker \"Network Hosts\" Status") . "</font></input></td>";
    echo "</tr>";
    echo "<tr>\n<th valign='top' style='background-position:top center;'>" . _("Autoenable options") . ":</th>\n<td><SELECT name=\"sautoenable\" onChange=\"showEnableBy();return false;\">";
    //echo "<option value=\"N\"";
    //   if ($sautoenable=="N") { echo " selected";}
    //   echo ">None";
    echo "<option value=\"C\"";
    if ($sautoenable == "C") {
        echo " selected";
    }
    echo ">" . _("Autoenable by category") . "<option value=\"F\"";
    if ($sautoenable == "F") {
        echo " selected";
    }
    echo ">" . _("Autoenable by family") . "</select>";
    echo "<div id=\"cat1\"" . ($sautoenable == "C" ? "" : "style=\"display:none;\"") . ">";
    // now the auto-enable status pulldowns
    echo "<br>" . _("Initial status for autoenabled Categories") . ": ";
    echo "<select name='auto_cat_status'>";
    echo "<option value='1'";
    if ($auto_cat_status == 1) {
        echo " selected";
    }
    echo ">" . _("Enable All") . "</option>";
    echo "<option value='2'";
    if ($auto_cat_status == 2) {
        echo " selected";
    }
    echo ">" . _("Enable New") . "</option>";
    echo "<option value='3'";
    if ($auto_cat_status == 3) {
        echo " selected";
    }
    echo ">" . _("Disable New") . "</option>";
    echo "<option value='4'";
    if ($auto_cat_status == 4) {
        echo " selected";
    }
    echo ">" . _("Disable All") . "</option>";
    echo "<option value='5'";
    if ($auto_cat_status == 5) {
        echo " selected";
    }
    echo ">" . _("Intelligent") . "</option><br>";
    echo "</select>";
    echo "<br><br><br></div>";
    echo "<div id=\"fam1\"" . ($sautoenable == "F" ? "" : "style=\"display:none;\"") . ">";
    echo "<br>" . _("Initial status for autoenabled Families") . ": ";
    echo "<select name='auto_fam_status'>";
    echo "<option value='1'";
    if ($auto_fam_status == 1) {
        echo " selected";
    }
    echo ">" . _("Enable All") . "</option>";
    echo "<option value='2'";
    if ($auto_fam_status == 2) {
        echo " selected";
    }
    echo ">" . _("Enable New") . "</option>";
    echo "<option value='3'";
    if ($auto_fam_status == 3) {
        echo " selected";
    }
    echo ">" . _("Disable New") . "</option>";
    echo "<option value='4'";
    if ($auto_fam_status == 4) {
        echo " selected";
    }
    echo ">" . _("Disable All") . "</option>";
    echo "<option value='5'";
    if ($auto_fam_status == 5) {
        echo " selected";
    }
    echo ">" . _("Intelligent") . "</option>";
    echo "</select>";
    echo "</div>";
    echo "<p></p>";
    echo "<div id=\"cat2\"" . ($sautoenable == "C" ? "" : "style=\"display:none;\"") . ">";
    echo "<B>" . _("Autoenable plugins in categories") . ":</B><BR><BR>";
    $query = "SELECT t1.cid, t2.name, t1.status FROM vuln_nessus_settings_category as t1, \n   vuln_nessus_category as t2 \n     where t1.sid={$sid} \n   and t1.cid=t2.id \n     order by t2.name";
    // var_dump($query);
    $result = $dbconn->execute($query);
    echo <<<EOT
<table bordercolor="#6797BF" border="0" cellspacing="2" cellpadding="0">
EOT;
    echo "<tr><th>" . _("Name") . "</th>";
    echo "<th>" . _("Enable All") . "</th>";
    echo "<th>" . _("Enable New") . "</th>";
    echo "<th>" . _("Disable New") . "</th>";
    echo "<th>" . _("Disable All") . "</th>";
    echo "<th>" . _("Intelligent") . "</th></tr>";
    while (!$result->EOF) {
        list($cid, $name, $status) = $result->fields;
        echo "<tr><td style=\"text-align:left;padding-left:3px;\">" . strtoupper($name) . "</td>";
        echo "<td><input type=\"radio\" name=\"c_{$cid}\" value=\"1\" ";
        if ($status == 1) {
            echo "checked";
        }
        echo "></td><td><input type=\"radio\" name=\"c_{$cid}\" value=\"2\" ";
        if ($status == 2) {
            echo "checked";
        }
        echo "></td><td><input type=\"radio\" name=\"c_{$cid}\" value=\"3\" ";
        if ($status == 3) {
            echo "checked";
        }
        echo "></td>";
        echo "<td><input type=\"radio\" name=\"c_{$cid}\" value=\"4\" ";
        if ($status == 4) {
            echo "checked";
        }
        echo "></td>";
        echo "<td><input type=\"radio\" name=\"c_{$cid}\" value=\"5\" ";
        if ($status == 5) {
            echo "checked";
        }
        echo "></td></tr>";
        $result->MoveNext();
    }
    echo "</table><BR>";
    echo "</div>";
    echo "<div id=\"fam2\"" . ($sautoenable == "F" ? "" : "style=\"display:none;\"") . ">";
    $query = "select t1.fid, t2.name, t1.status \n     from vuln_nessus_settings_family as t1, \n   vuln_nessus_family as t2 \n     where t1.sid={$sid} \n   and t1.fid=t2.id \n     order by t2.name";
    $result = $dbconn->execute($query);
    echo "<B><BR><BR>" . _("Autoenable plugins in families") . ":<BR><BR></B>";
    echo <<<EOT
<table bordercolor="#6797BF" border="0" cellspacing="2" cellpadding="0">
EOT;
    echo "<tr><th>" . _("Name") . "</th>";
    echo "<th>" . _("Enable All") . "</th>";
    echo "<th>" . _("Enable New") . "</th>";
    echo "<th>" . _("Disable New") . "</th>";
    echo "<th>" . _("Disable All") . "</th>";
    echo "<th>" . _("Intelligent") . "</th></tr>";
    while (!$result->EOF) {
        list($fid, $name, $status) = $result->fields;
        echo "<tr><td style=\"text-align:left;padding-left:3px;\">{$name}</td>";
        echo "<td><input type=\"radio\" name=\"f_{$fid}\" value=\"1\" ";
        if ($status == 1) {
            echo "checked";
        }
        echo "></td>";
        echo "<td><input type=\"radio\" name=\"f_{$fid}\" value=\"2\" ";
        if ($status == 2) {
            echo "checked";
        }
        echo "></td>";
        echo "<td><input type=\"radio\" name=\"f_{$fid}\" value=\"3\" ";
        if ($status == 3) {
            echo "checked";
        }
        echo "></td>";
        echo "<td><input type=\"radio\" name=\"f_{$fid}\" value=\"4\" ";
        if ($status == 4) {
            echo "checked";
        }
        echo "></td>";
        echo "<td><input type=\"radio\" name=\"f_{$fid}\" value=\"5\" ";
        if ($status == 5) {
            echo "checked";
        }
        echo "></td></tr>";
        $result->MoveNext();
    }
    echo "</table></div></td></tr></table></center><br/>";
    echo "<input type=\"submit\" name=\"submit\" value=\"" . _("Update") . "\" class=\"button updateautoenable\"><br/><br/></form>";
}
コード例 #3
0
ファイル: new_scan.php プロジェクト: jackpf/ossim-arc
     $sql_perms .= " OR owner IN('" . implode("', '", $owners) . "')";
     $args = "WHERE name='Default' OR name='Deep' OR name='Ultimate' " . $sql_perms;
 }
 $query = "SELECT id, name, description, owner, type FROM vuln_nessus_settings {$args} ORDER BY name";
 $conn->SetFetchMode(ADODB_FETCH_BOTH);
 $result = $conn->execute($query);
 while (!$result->EOF) {
     $p_description = $result->fields['description'] != '' ? ' - ' . $result->fields['description'] : '';
     $v_profiles[$result->fields['id']]['name&description'] = $result->fields['name'] . $p_description;
     if ($sid == '' && $result->fields['name'] == 'Default' || $result->fields['id'] == $sid) {
         $v_profiles[$result->fields['id']]['selected'] = 'selected="selected"';
     }
     $result->MoveNext();
 }
 // load users and entities
 $users = Session::get_users_to_assign($conn);
 $users_to_assign = array();
 foreach ($users as $u_key => $u_value) {
     $users_to_assign[$u_value->get_login()]['selected'] = $u_value->get_login() == $user ? 'selected="selected"' : '';
     $users_to_assign[$u_value->get_login()]['name'] = $u_value->get_login();
 }
 $entities = Session::get_entities_to_assign($conn);
 $entities_to_assign = array();
 foreach ($entities as $e_key => $e_value) {
     $entities_to_assign[$e_key]['selected'] = $e_key == $entity ? 'selected="selected"' : '';
     $entities_to_assign[$e_key]['name'] = $e_value;
 }
 // load credentials
 $ssh_cred = Vulnerabilities::get_credentials($conn, 'ssh');
 $ssh_arr = array();
 foreach ($ssh_cred as $cred) {
コード例 #4
0
ファイル: actionform.php プロジェクト: jackpf/ossim-arc
function ticket_form($action)
{
    global $conn;
    $users = Session::get_users_to_assign($conn);
    if (Session::is_pro()) {
        $entities = Acl::get_entities_to_assign($conn);
    }
    ?>
	<tr class="tticket">
	   <td colspan="2" class="nobborder">&nbsp;</td>
	</tr>
	<tr class="tticket">
		<th><label for="in_charge"><?php 
    echo _('In Charge:') . required();
    ?>
</label></th>
		<td class="nobborder left">
			<table cellspacing="0" cellpadding="0" class="transparent">
                <tr>
                    <td class="nobborder">
                        <label for="transferred_user"><?php 
    echo _('User:'******'set_focus(this);' name="transferred_user" id="transferred_user" class="vfield" onchange="switch_user('user');return false;">
                        <?php 
    $num_users = 0;
    foreach ($users as $k => $v) {
        $login = $v->get_login();
        $options .= "<option value='{$login}'" . ($action == $login ? " selected" : "") . ">{$login}</option>\n";
        $num_users++;
    }
    if ($num_users == 0) {
        echo "<option value='' style='text-align:center !important;'>- " . _("No users found") . "- </option>";
    } else {
        echo "<option value='' style='text-align:center !important;' selected='selected'>- " . _("Select one user") . " -</option>\n";
        echo $options;
    }
    ?>
                        </select>
                    </td>
                
                <?php 
    if (!empty($entities)) {
        ?>
                    <td class="nobborder" nowrap='nowrap'>
                        <label for="transferred_entity" style='margin-right: 3px;'><?php 
        echo _('OR') . ' ' . _('Entity:');
        ?>
</label>
                    </td>
                    <td class="nobborder">
                        <select onfocus='set_focus(this);' name="transferred_entity" id="transferred_entity" class="vfield" onchange="switch_user('entity');return false;">
                        <?php 
        if (count($entities) == 0) {
            echo "<option value='' style='text-align:center !important;'>- " . _('No entities found') . " -</option>";
        } else {
            echo "<option value='' style='text-align:center !important;'>- " . _('Select one entity') . " -</option>\n";
        }
        foreach ($entities as $k => $v) {
            echo "<option value='{$k}'" . ($action == $k ? " selected" : "") . ">{$v}</option>";
        }
        ?>
                        </select>
                    </td>
                <?php 
    }
    ?>
                </tr>
			</table>
		</td>
	</tr>
    <?php 
}
コード例 #5
0
ファイル: index.php プロジェクト: jackpf/ossim-arc
    if (file_exists($backup_dir . "/delete-" . $rs->fields["day"] . ".sql.gz")) {
        $delete[] = $rs->fields["day"];
    }
    $rs->MoveNext();
}
// Insert
while ($file = $dir->read()) {
    if (preg_match("/^insert\\-(.+)\\.sql\\.gz/", $file, $found)) {
        if (!in_array($found[1], $delete) && !$executing[$found[1]]) {
            $insert[] = $found[1];
        }
    }
}
rsort($insert);
$dir->close();
$users = Session::get_users_to_assign($conn_ossim);
$entities = Session::get_entities_to_assign($conn_ossim);
// Clear Data Tables button
if (GET('cleardatatables') != '' && Session::am_i_admin()) {
    if (!Token::verify('tk_delete_events', GET('token'))) {
        Token::show_error();
        exit;
    } else {
        // kill all deleting tasks
        $cmd = "ps ax -o pid,command | grep bg_purge_from_siem | grep -v grep | grep -v 'sh -c' |  awk '{print \$1\":\"\$4}'";
        $pids = Util::execute_command($cmd, FALSE, 'array');
        if (!empty($pids)) {
            foreach ($pids as $pdata) {
                list($pid, $name_file) = explode(":", $pdata);
                $cpids = Util::execute_command("ps -o pid --no-headers --ppid ?", array($pid), 'array');
                foreach ($cpids as $cpid) {
コード例 #6
0
ファイル: newincident.php プロジェクト: jackpf/ossim-arc
    }
    // Add common parameters validation rules
    $validate['title'] = array('validation' => "OSS_ALPHA, OSS_SPACE, OSS_PUNC_EXT, '\\>'", 'e_message' => 'illegal:' . _('Title'));
    $validate['priority'] = array('validation' => 'OSS_DIGIT', 'e_message' => 'illegal:' . _('Priority'));
    $validate['type'] = array('validation' => 'OSS_ALPHA, OSS_PUNC_EXT, OSS_SPACE, OSS_SCORE, OSS_NULLABLE', 'e_message' => 'illegal:' . _('Type'));
    $validate['submitter'] = array('validation' => 'OSS_USER, OSS_PUNC, OSS_NULLABLE', 'e_message' => 'illegal:' . _('Submitter'));
}
// ossim_valid
$validation_errors = validate_form_fields('POST', $validate);
if (is_array($validation_errors) && !empty($validation_errors)) {
    foreach ($validation_errors as $error) {
        echo ossim_error($error);
    }
    exit;
}
$users = Session::get_users_to_assign($conn, 'ORDER BY name ASC');
$entities = Session::get_entities_to_assign($conn);
$form_url = "manageincident.php?action={$action}&ref={$ref}&incident_id={$incident_id}";
if ($ref == 'Custom' && !empty($custom_type)) {
    $form_url .= "&type={$type}";
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
    <title> <?php 
echo _("OSSIM Framework");
?>
 </title>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
    <meta http-equiv="Pragma" content="no-cache"/>
コード例 #7
0
ファイル: index.php プロジェクト: jackpf/ossim-arc
</th>
            <th width="20%"><?php 
    echo _('Total Captures');
    ?>
</th>
            <th width="20%"><?php 
    echo _('Status');
    ?>
</th>
        </tr>
            <?php 
    $i = 1;
    foreach ($sensors_status as $sensor_ip => $sensor_info) {
        // check permissions
        $users = array();
        $users_in_perms = Session::get_users_to_assign($dbconn);
        foreach ($users_in_perms as $user) {
            $users[$user->get_login()] = $user->get_login();
        }
        $iper = 0;
        if (is_array($scans_by_sensor[$sensor_ip])) {
            foreach ($scans_by_sensor[$sensor_ip] as $data) {
                $scan_info_to_check = explode('_', $data);
                if ($users[$scan_info_to_check[1]] == '') {
                    unset($scans_by_sensor[$sensor_ip][$iper]);
                }
                $iper++;
            }
        }
        // *************
        // Some IDs to make Selenium tests
コード例 #8
0
function clone_tab_all($conn, $data)
{
    $panel = $data['panel'];
    $from = $data['user'];
    ossim_valid($from, OSS_USER, 'illegal:' . _("User Origin"));
    ossim_valid($panel, OSS_DIGIT, 'illegal:' . _("Tab ID"));
    if (ossim_error()) {
        $info_error = "Error: " . ossim_get_error();
        ossim_clean_error();
        $return['error'] = TRUE;
        $return['msg'] = $info_error;
        return $return;
    }
    if (!get_user_valid($from)) {
        $return['error'] = TRUE;
        $return['msg'] = _('You do not have permission to clone this tab');
        return $return;
    }
    try {
        $tab = new Dashboard_tab($panel, $from);
    } catch (Exception $e) {
        $return['error'] = TRUE;
        $return['msg'] = $e->getMessage();
        return $return;
    }
    $users = Session::get_users_to_assign($conn);
    if (count($users) == 1 && $users[0]->login == $from) {
        $return['error'] = TRUE;
        $return['msg'] = 'unique_user';
        return $return;
    }
    foreach ($users as $user) {
        if ($from == $user->login) {
            continue;
        }
        try {
            $tab->clone_tab($user->login);
        } catch (Exception $e) {
            $return['error'] = TRUE;
            $return['msg'] = $e->getMessage();
            return $return;
        }
    }
    $_SESSION['_db_perms_msg_index'] = 1;
    $return['error'] = FALSE;
    $return['msg'] = _("Tab Cloned Successfully");
    return $return;
}
コード例 #9
0
$date_to = GET('date_to');
$myself = Session::get_session_user();
ossim_valid($order, OSS_ALPHA, OSS_SPACE, OSS_SCORE, 'illegal:' . _("order"));
ossim_valid($inf, OSS_DIGIT, 'illegal:' . _("inf"));
ossim_valid($sup, OSS_DIGIT, 'illegal:' . _("order"));
ossim_valid($user, OSS_USER, OSS_NULLABLE, 'illegal:' . _("hide_closed"));
ossim_valid($code, OSS_ALPHA, OSS_NULLABLE, 'illegal:' . _("hide_closed"));
ossim_valid($action, OSS_ALPHA, OSS_SPACE, OSS_NULLABLE, 'illegal:' . _("action"));
ossim_valid($date_from, OSS_DIGIT, OSS_NULLABLE, "\\-", 'illegal:' . _("Date from"));
ossim_valid($date_to, OSS_DIGIT, OSS_NULLABLE, "\\-", 'illegal:' . _("Date to"));
if (ossim_error()) {
    die(ossim_error());
}
$filter = '';
$usersf = array();
$users = Session::get_users_to_assign($conn, $myself);
foreach ($users as $k => $v) {
    $usersf[$v->get_login()] = "'" . $v->get_login() . "'";
}
//User filter
if (empty($user)) {
    if (!Session::am_i_admin()) {
        if (is_array($usersf) && !empty($usersf)) {
            $filter .= " AND log_action.login in (" . implode(",", $usersf) . ")";
        }
    }
} else {
    if (!empty($usersf[$user])) {
        $filter .= " AND log_action.login = '******'";
    } else {
        if (is_array($usersf) && !empty($usersf)) {
コード例 #10
0
ファイル: sched.php プロジェクト: jhbsz/ossimTest
function tab_discovery()
{
    global $component, $uroles, $editdata, $scheduler, $username, $useremail, $dbconn, $disp, $enScanRequestImmediate, $enScanRequestRecur, $timeout, $smethod, $SVRid, $sid, $ip_list, $ip_exceptions_list, $schedule_type, $ROYEAR, $ROday, $ROMONTH, $time_hour, $time_min, $dayofweek, $dayofmonth, $sname, $user, $entity, $hosts_alive, $scan_locally, $version, $nthweekday, $semail, $not_resolve;
    global $pluginOptions, $enComplianceChecks, $profileid;
    $conf = $GLOBALS["CONF"];
    $pre_scan_locally_status = $conf->get_conf("nessus_pre_scan_locally", FALSE);
    $user_selected = $user;
    $entity_selected = $entity;
    $SVRid_selected = $SVRid;
    $sid_selected = $sid != "" ? $sid : $editdata['meth_VSET'];
    $timeout_selected = $editdata["meth_TIMEOUT"];
    $ip_list_selected = str_replace("\\r\\n", "\n", str_replace(";;", "\n", $ip_list));
    if (count($ip_exceptions_list) > 0) {
        $ip_list_selected .= "\n" . implode("\n", $ip_exceptions_list);
    }
    $ROYEAR_selected = $ROYEAR;
    $ROday_selected = $ROday;
    $ROMONTH_selected = $ROMONTH;
    $time_hour_selected = $time_hour;
    $time_min_selected = $time_min;
    $dayofweek_selected = $dayofweek;
    $dayofmonth_selected = $dayofmonth;
    $sname_selected = $sname;
    //print_r($editdata);
    if ($schedule_type != "") {
        $editdata['schedule_type'] = $schedule_type;
    }
    $cquery_like = "";
    if ($component != "") {
        $cquery_like = " AND component='{$component}'";
    }
    $today = date("Ymd");
    $tyear = substr($today, 0, 4);
    $nyear = $tyear + 1;
    $tmonth = substr($today, 4, 2);
    $tday = substr($today, 6, 2);
    #SET VALUES UP IF EDIT SCHEDULER
    if (isset($editdata['notify'])) {
        $enotify = $editdata['notify'];
    } else {
        $enotify = "{$useremail}";
    }
    if (isset($editdata['time'])) {
        list($time_hour, $time_min, $time_sec) = split(':', $editdata['time']);
    }
    $arrTypes = array("N", "O", "D", "W", "M", "NW");
    foreach ($arrTypes as $type) {
        $sTYPE[$type] = "";
    }
    $arrJobTypes = array("C", "M", "R", "S");
    foreach ($arrJobTypes as $type) {
        $sjTYPE[$type] = "";
    }
    if (isset($editdata['schedule_type'])) {
        $sTYPE[$editdata['schedule_type']] = "CHECKED";
        if ($editdata['schedule_type'] == 'D') {
            $ni = 2;
        } elseif ($editdata['schedule_type'] == 'O') {
            $ni = 3;
        } elseif ($editdata['schedule_type'] == 'W') {
            $ni = 4;
        } elseif ($editdata['schedule_type'] == 'NW') {
            $ni = 6;
        } else {
            $ni = 5;
        }
        $show = "<br><script language=javascript>showLayer('idSched', {$ni});</script>";
    } else {
        if ($enScanRequestImmediate) {
            $sTYPE['N'] = "CHECKED";
            $show = "<br><script language=javascript>showLayer('idSched', 1);</script>";
        } else {
            $sTYPE['O'] = "checked";
            $show = "<br><script language=javascript>showLayer('idSched', 3);</script>";
        }
    }
    if ($schedule_type != "") {
        if ($schedule_type == "N") {
            $show .= "<br><script language=javascript>showLayer('idSched', 1);</script>";
        }
        if ($schedule_type == "O") {
            $show .= "<br><script language=javascript>showLayer('idSched', 3);</script>";
        }
        if ($schedule_type == "D") {
            $show .= "<br><script language=javascript>showLayer('idSched', 2);</script>";
        }
        if ($schedule_type == "W") {
            $show .= "<br><script language=javascript>showLayer('idSched', 4);</script>";
        }
        if ($schedule_type == "M") {
            $show .= "<br><script language=javascript>showLayer('idSched', 5);</script>";
        }
        if ($schedule_type == "NW") {
            $show .= "<br><script language=javascript>showLayer('idSched', 6);</script>";
        }
    }
    if (isset($editdata['job_TYPE'])) {
        $sjTYPE[$editdata['job_TYPE']] = "SELECTED";
    } else {
        $sjTYPE['M'] = "SELECTED";
    }
    if (isset($editdata['day_of_month'])) {
        $dayofmonth = $editdata['day_of_month'];
    }
    if (isset($editdata['day_of_week'])) {
        $day[$editdata['day_of_week']] = "SELECTED";
    }
    if ($dayofweek_selected != "") {
        $day[$dayofweek_selected] = "SELECTED";
    }
    if (!$uroles['nessus']) {
        $name = "sr-" . substr($username, 0, 6) . "-" . time();
        $name = $editdata['name'] == "" ? $name : $editdata['name'];
        $nameout = $name . "<input type=hidden style='width:200px' name='sname' value='{$name}'>";
    } else {
        $nameout = "<input type=text style='width:200px' name='sname' value='" . ($sname_selected != "" ? "{$sname_selected}" : "{$editdata['name']}") . "'>";
    }
    $discovery = "<input type=\"hidden\" name=\"cred_type\" value=\"N\">";
    $discovery .= "<table width=\"80%\">";
    $discovery .= "<tr>";
    $discovery .= "<input type=\"hidden\" name=\"smethod\" value=\"{$smethod}\">";
    $discovery .= "<td align=\"Right\" width=\"30%\">" . _("Job Name") . ":</td>";
    $discovery .= "<td style=\"text-align:left;\">{$nameout}</td>";
    $discovery .= "</tr>";
    $query = "SELECT id, name, hostname\n     FROM vuln_nessus_servers\n     WHERE enabled='1' AND status='A'";
    $result = $dbconn->execute($query);
    $discovery .= "<tr>";
    $discovery .= "<td align=\"right\">" . _("Select Server") . ":</td>";
    $discovery .= "<td style=\"text-align:left;\"><select name=\"SVRid\">";
    //if($SVRid=="" || $SVRid_selected=="Null") {
    $discovery .= "<option value=\"Null\">" . _("First Available Server-Distributed") . "</option>";
    //}
    while (!$result->EOF) {
        list($SVRid, $sname, $shostIP) = $result->fields;
        if (Session::am_i_admin() || Session::sensorAllowed($shostIP)) {
            // $shostIP=="localhost" ||
            $discovery .= "<option value=\"{$SVRid}\" ";
            if ($editdata['scan_ASSIGNED'] != "" && $editdata['scan_ASSIGNED'] == $SVRid) {
                $discovery .= " SELECTED";
            }
            if ($SVRid_selected == $SVRid) {
                $discovery .= " SELECTED";
            }
            $discovery .= ">" . strtoupper($sname) . " [{$shostIP}] </option>";
        }
        $result->MoveNext();
    }
    $discovery .= <<<EOT
      </select>
    </td>
  </tr>
  <tr>
EOT;
    $discovery .= "<td align='right' width='25%'>" . _("Profile") . ":</td>";
    $discovery .= "<td style='text-align:left;'><select name='sid'>";
    //$query = "SELECT distinct(t1.id), t1.name, t1.description
    //  FROM vuln_nessus_settings t1
    //   LEFT JOIN vuln_nessus_settings_users t2 ON t1.id = t2.sid
    //   WHERE t1.type = 'G' OR t2.username='******'
    //   ORDER BY t1.name";
    $query = "";
    if ($username == "admin" || Session::am_i_admin()) {
        $query = "SELECT distinct(t1.id), t1.name, t1.description \n                 FROM vuln_nessus_settings t1 WHERE deleted='0'\n                 ORDER BY t1.name";
    } else {
        if (preg_match("/pro|demo/i", $version)) {
            if (Acl::am_i_proadmin()) {
                $pro_users = array();
                $entities_list = Acl::get_user_entities($current_user);
                //list($entities_admin,$num) = Acl::get_entities_admin($dbconn,Session::get_session_user());
                //$entities_list = array_keys($entities_admin);
                $users = Acl::get_my_users($dbconn, Session::get_session_user());
                foreach ($users as $us) {
                    $pro_users[] = $us["login"];
                }
                $query = "SELECT distinct(t1.id), t1.name, t1.description FROM vuln_nessus_settings t1\n                      WHERE deleted = '0' and (name='Default' or owner in ('0','" . implode("','", array_merge($entities_list, $pro_users)) . "')) ORDER BY t1.name";
            } else {
                $tmp = array();
                $entities = Acl::get_user_entities($username);
                foreach ($entities as $entity) {
                    $tmp[] = "'" . $entity . "'";
                }
                if (count($tmp) > 0) {
                    $user_where = "owner in ('0','{$username}'," . implode(", ", $tmp) . ")";
                } else {
                    $user_where = "owner in ('0','{$username}')";
                }
                $query = "SELECT distinct(t1.id), t1.name, t1.description FROM vuln_nessus_settings t1\n                      WHERE deleted = '0' and (name='Default' or {$user_where}) ORDER BY t1.name";
            }
        } else {
            $query = "SELECT distinct(t1.id), t1.name, t1.description FROM vuln_nessus_settings t1\n                     WHERE deleted = '0' and (name='Default' or owner in ('0','{$username}')) ORDER BY t1.name";
        }
    }
    //var_dump($query);
    $result = $dbconn->execute($query);
    $job_profiles = array();
    $id_found = false;
    $ipr = 0;
    while (!$result->EOF) {
        list($sid, $sname, $sdescription) = $result->fields;
        if ($sid_selected == $sid) {
            $id_found = true;
        }
        $job_profiles[$ipr]["sid"] = $sid;
        $job_profiles[$ipr]["sname"] = $sname;
        $job_profiles[$ipr]["sdescription"] = $sdescription;
        $ipr++;
        $result->MoveNext();
    }
    foreach ($job_profiles as $profile_data) {
        $sid = $profile_data["sid"];
        $sname = $profile_data["sname"];
        $sdescription = $profile_data["sdescription"];
        $discovery .= "<option value=\"{$sid}\" ";
        if ($sid_selected == $sid) {
            if ($sdescription != "") {
                $discovery .= "selected>{$sname} - {$sdescription}</option>";
            } else {
                $discovery .= "selected>{$sname}</option>";
            }
        } else {
            if ($sdescription != "") {
                $discovery .= (preg_match("/default/i", $sname) && !$id_found ? 'selected="selected"' : "") . ">{$sname} - {$sdescription}</option>";
            } else {
                $discovery .= (preg_match("/default/i", $sname) && !$id_found ? 'selected="selected"' : "") . ">{$sname}</option>";
            }
        }
    }
    $discovery .= "</select>&nbsp;&nbsp;&nbsp[<a href=\"settings.php?hmenu=Vulnerabilities&amp;smenu=ScanProfiles\">" . _("Edit Profiles") . "</a>]</td>";
    $discovery .= "</tr>";
    $discovery .= "<tr>";
    $discovery .= "<td align='right'>" . _("Timeout") . "</td>";
    $discovery .= "<td style=\"text-align:left;\" nowrap><input type='text' style='width:80px' name='timeout' value='" . ($timeout_selected == "" ? "{$timeout}" : "{$timeout_selected}") . "'>";
    $discovery .= "<font color='black'>&nbsp;&nbsp;&nbsp;" . _("Max scan run time in seconds") . "&nbsp;&nbsp;&nbsp;</font></td>";
    $discovery .= "</tr>";
    if ($smethod == "inmediately") {
        $discovery .= "<tr>";
        $discovery .= "<td style=\"text-align:center;\" nowrap>" . _("Schedule Method") . ":</td>";
        $discovery .= "<td style=\"text-align:left;\" nowrap>" . _("Inmediately") . "<td>";
        $discovery .= "</tr>";
        $discovery .= "<tr style='display:none'>";
    } else {
        $discovery .= "<tr>";
    }
    $discovery .= "<td style=\"text-align:left;padding-left:35px;\">" . _("Schedule Method") . ":<br>";
    if (!$scheduler && $enScanRequestImmediate) {
        $discovery .= "<input type=\"radio\" name=\"schedule_type\" value=\"N\" onClick=\"showLayer('idSched', 1)\" {$sTYPE['N']}>" . _("Immediately") . "</input><br>";
    }
    if (!$scheduler) {
        $discovery .= "<input type=\"radio\" name=\"schedule_type\" value=\"O\" onClick=\"showLayer('idSched', 3)\"  {$sTYPE['O']}>" . _("Run Once") . "</input><br>";
    }
    if ($scheduler || $enScanRequestRecur) {
        $discovery .= "<input type=\"radio\" name=\"schedule_type\" value=\"D\" onClick=\"showLayer('idSched', 2)\" {$sTYPE['D']}>" . _("Daily") . "</input><br>";
        $discovery .= "<input type=\"radio\" name=\"schedule_type\" value=\"W\" onClick=\"showLayer('idSched', 4)\" {$sTYPE['W']}>" . _("Day of the Week") . "</input><br>";
        $discovery .= "<input type=\"radio\" name=\"schedule_type\" value=\"M\" onClick=\"showLayer('idSched', 5)\" {$sTYPE['M']}>" . _("Day of the Month") . "</input><br>";
        $discovery .= "<input type=\"radio\" name=\"schedule_type\" value=\"NW\" onClick=\"showLayer('idSched', 6)\" {$sTYPE['NW']}>" . _("N<sup>th</sup> weekday of the month") . "</input><br>";
    }
    $discovery .= <<<EOT
    </td>
    <td><div>
      <div id="idSched1" class="forminput">
      </div>
      <div id="idSched3" class="forminput">
        <table cellspacing="2" cellpadding="0" width="100%">
EOT;
    $discovery .= "<tr><td colspan='7' class='noborder'>" . gettext("Year") . "&nbsp;<select name='ROYEAR'>";
    $discovery .= "<option value=\"{$tyear}\" " . ($ROYEAR_selected == "" || $ROYEAR_selected == $tyear ? "selected" : "") . ">{$tyear}</option>";
    $discovery .= "<option value=\"{$nyear}\" " . ($ROYEAR_selected == $nyear ? "selected" : "") . ">{$nyear}</option>";
    $discovery .= "</select>&nbsp;&nbsp;&nbsp;" . gettext("Month") . "&nbsp;<select name='ROMONTH'>";
    /*     $discovery .= <<<EOT
        </td>
        <td><div>
          <div id="idSched1" class="forminput">
          </div>
          <div id="idSched3" class="forminput">
            <table cellspacing="2" cellpadding="0" width="100%">
              <tr><td colspan="7" class="noborder">Year&nbsp;<select name="ROYEAR">
                <option value="$tyear" selected>$tyear</option>";
                <option value="$nyear">$nyear</option>";
                </select>&nbsp;&nbsp;&nbsp;Month&nbsp;<select name="ROMONTH">";
    EOT;*/
    for ($i = 1; $i <= 12; $i++) {
        $discovery .= "<option value=\"{$i}\" ";
        if ($i == $tmonth && $ROMONTH_selected == "" || $ROMONTH_selected == $i) {
            $discovery .= "selected";
        }
        $discovery .= ">{$i}</option>";
    }
    $discovery .= "</select>&nbsp;&nbsp;&nbsp;" . gettext("Day") . "&nbsp;<select name=\"ROday\">";
    for ($i = 1; $i <= 31; $i++) {
        $discovery .= "<option value=\"{$i}\" ";
        if ($i == $tday && $ROday_selected == "" || $ROday_selected == $i) {
            $discovery .= "selected";
        }
        $discovery .= ">{$i}</option>";
    }
    $discovery .= <<<EOT
            </select></td>
          </tr>
        </table>
      </div>
      <div id="idSched4" class="forminput" > 
        <table width="100%">
          <tr>
EOT;
    $discovery .= "<th align=\"right\">" . _("Weekly") . "</td><td colspan=\"2\" class=\"noborder\">";
    $discovery .= "<select name=\"dayofweek\">";
    $discovery .= "<option value=\"Su\" SELECTED >" . gettext("Select week day to run") . "</option>";
    $discovery .= "<option value=\"Su\" {$day['Su']} >" . gettext("Sunday") . "</option>";
    $discovery .= "<option value=\"Mo\" {$day['Mo']} >" . gettext("Monday") . "</option>";
    $discovery .= "<option value=\"Tu\" {$day['Tu']} >" . gettext("Tuesday") . "</option>";
    $discovery .= "<option value=\"We\" {$day['We']} >" . gettext("Wednesday") . "</option>";
    $discovery .= "<option value=\"Th\" {$day['Th']} >" . gettext("Thursday") . "</option>";
    $discovery .= "<option value=\"Fr\" {$day['Fr']} >" . gettext("Friday") . "</option>";
    $discovery .= "<option value=\"Sa\" {$day['Sa']} >" . gettext("Saturday") . "</option>";
    $discovery .= "</select>";
    $discovery .= "</td>";
    $discovery .= <<<EOT
          </tr>
        </table>
      </div>
      <div id="idSched5" class="forminput">
        <table width="100%">
          <tr>
EOT;
    $discovery .= "<th align='right'>" . gettext("Select Day") . "</td>";
    $discovery .= <<<EOT
            <td colspan="2" class="noborder"><select name="dayofmonth">"
EOT;
    for ($i = 1; $i <= 31; $i++) {
        $discovery .= "<option value=\"{$i}\"";
        if ($dayofmonth == $i && $dayofmonth_selected == "" || $dayofmonth_selected == $i) {
            $discovery .= " selected";
        }
        $discovery .= ">{$i}</option>";
    }
    $discovery .= <<<EOT
            </select></td>
          </tr>
        </table>
      </div>
      <div id="idSched6" class="forminput">
        <table width="100%">
          <tr>
EOT;
    $discovery .= "<th align=\"right\">" . gettext("Day of week") . "</th><td colspan=\"2\" class=\"noborder\">";
    $discovery .= "<select name=\"nthdayofweek\">";
    $discovery .= "<option value=\"Su\" SELECTED >" . gettext("Select week day to run") . "</option>";
    $discovery .= "<option value=\"Su\" {$day['Su']} >" . gettext("Sunday") . "</option>";
    $discovery .= "<option value=\"Mo\" {$day['Mo']} >" . gettext("Monday") . "</option>";
    $discovery .= "<option value=\"Tu\" {$day['Tu']} >" . gettext("Tuesday") . "</option>";
    $discovery .= "<option value=\"We\" {$day['We']} >" . gettext("Wednesday") . "</option>";
    $discovery .= "<option value=\"Th\" {$day['Th']} >" . gettext("Thursday") . "</option>";
    $discovery .= "<option value=\"Fr\" {$day['Fr']} >" . gettext("Friday") . "</option>";
    $discovery .= "<option value=\"Sa\" {$day['Sa']} >" . gettext("Saturday") . "</option>";
    $discovery .= "</select>";
    $discovery .= "</td>";
    $discovery .= <<<EOT
          </tr>
        </table>
        <br>
        <table width="100%">
          <tr>
EOT;
    $discovery .= "<th align='right'>" . gettext("N<sup>th</sup> weekday") . "</th><td colspan='2' class='noborder'>";
    $discovery .= "<select name='nthweekday'>";
    $discovery .= "<option value='1'>" . gettext("Select nth weekday to run") . "</option>";
    $discovery .= "<option value='1'" . ($dayofmonth == 1 ? " selected" : "") . ">" . gettext("First") . "</option>";
    $discovery .= "<option value='2'" . ($dayofmonth == 2 ? " selected" : "") . ">" . gettext("Second") . "</option>";
    $discovery .= "<option value='3'" . ($dayofmonth == 3 ? " selected" : "") . ">" . gettext("Third") . "</option>";
    $discovery .= "<option value='4'" . ($dayofmonth == 4 ? " selected" : "") . ">" . gettext("Fourth") . "</option>";
    $discovery .= "<option value='5'" . ($dayofmonth == 5 ? " selected" : "") . ">" . gettext("Fifth") . "</option>";
    $discovery .= <<<EOT
              </select>
            </td>
          </tr>
        </table>
      </div>
      <div id="idSched2" class="forminput">
        <table width="100%">
EOT;
    $discovery .= "<tr>";
    $discovery .= "<th rowspan='2' align='right' width='30%'>" . gettext("Time") . "</td>";
    $discovery .= "<td align='right'>" . gettext("Hour") . "</td><td>" . gettext("Minutes") . "</td>";
    $discovery .= "</tr>";
    $discovery .= <<<EOT
          <tr>
            <td align="right" class="noborder"><select name="time_hour">
EOT;
    for ($i = 0; $i <= 23; $i++) {
        $discovery .= "<option align=\"right\" value=\"{$i}\"";
        if ($time_hour == $i && $time_hour_selected == "" || $time_hour_selected == $i) {
            $discovery .= " selected";
        }
        $discovery .= ">{$i}</option>";
    }
    $discovery .= <<<EOT
            </select></td>
            <td class="noborder"><select name="time_min">
EOT;
    for ($i = 0; $i < 60; $i = $i + 15) {
        $discovery .= "<option value=\"{$i}\"";
        if ($time_min == $i && $time_min_selected == "" || $time_min_selected == $i) {
            $discovery .= " selected";
        }
        $discovery .= ">{$i}</option>";
    }
    $discovery .= <<<EOT
            </select></td>
          </tr>
        </table>
      </div>
    </tr>
    
EOT;
    $conf = $GLOBALS["CONF"];
    $version = $conf->get_conf("ossim_server_version", FALSE);
    $pro = preg_match("/pro|demo/i", $version) ? true : false;
    $users = Session::get_users_to_assign($dbconn);
    $entities = Session::get_entities_to_assign($dbconn);
    $discovery .= "<tr>\n\t\t\t\t\t\t<td>" . _("Make this scan job visible for:") . "</td>\n\t\t\t\t\t\t<td style='text-align: left'>\n\t\t\t\t\t\t\t<table cellspacing='0' cellpadding='0' class='transparent' style='margin: 5px 0px;'>\n\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t<td class='nobborder'><span style='margin-right:3px'>" . _('User:'******'nobborder'>\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t<select name='user' id='user' onchange=\"switch_user('user');return false;\">";
    $num_users = 0;
    foreach ($users as $k => $v) {
        $login = $v->get_login();
        $selected = $editdata["username"] == $login || $user_selected == $login ? "selected='selected'" : "";
        $options .= "<option value='" . $login . "' {$selected}>{$login}</option>\n";
        $num_users++;
    }
    if ($num_users == 0) {
        $discovery .= "<option value='' style='text-align:center !important;'>- " . _("No users found") . " -</option>";
    } else {
        $discovery .= "<option value='' style='text-align:center !important;'>- " . _("Select one user") . " -</option>\n";
        $discovery .= $options;
    }
    $discovery .= "\t\t\t\t\t\t</select>\n\t\t\t\t\t\t\t\t\t</td>";
    if (!empty($entities)) {
        $discovery .= "\t    \t\t\t<td style='text-align:center; border:none; !important'><span style='padding:5px;'>" . _("OR") . "<span></td>\n\t\t\t\t\t\t\t\t\t<td class='nobborder'><span style='margin-right:3px'>" . _("Entity:") . "</span></td>\n\t\t\t\t\t\t\t\t\t<td class='nobborder'>\t\n\t\t\t\t\t\t\t\t\t\t<select name='entity' id='entity' onchange=\"switch_user('entity');return false;\">\n\t\t\t\t\t\t\t\t\t\t\t<option value='' style='text-align:center !important;'>-" . _("Select one entity") . "-</option>";
        foreach ($entities as $k => $v) {
            $selected = $editdata["username"] == $k || $entity_selected == $k ? "selected='selected'" : "";
            $discovery .= "<option value='{$k}' {$selected}>{$v}</option>";
        }
        $discovery .= "\t\t\t\t\t</select>\n\t\t\t\t\t\t\t\t\t</td>";
    }
    $discovery .= " \t    \t</tr>\n\t\t\t\t\t\t\t</table>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>";
    $discovery .= "<tr><td>" . _("Send an email notification when finished:");
    $discovery .= "</td>";
    $discovery .= "<td style=\"text-align:left;\">";
    $discovery .= "<input type=\"radio\" name=\"semail\" value=\"0\"" . (count($editdata) <= 1 && intval($semail) == 0 || intval($editdata['meth_Wfile']) == 0 ? " checked" : "") . "/>" . _("No");
    $discovery .= "<input type=\"radio\" name=\"semail\" value=\"1\"" . (count($editdata) <= 1 && intval($semail) == 1 || intval($editdata['meth_Wfile']) == 1 ? " checked" : "") . "/>" . _("Yes");
    $discovery .= "</td></tr>";
    $targets_message = _("Targets") . "<br>" . _("(Hosts/Networks)") . "<br>";
    $discovery .= "<tr><td valign=\"top\" style=\"text-align:left;padding-left:50px;\" width=\"20%\" class=\"noborder\"><br>";
    $discovery .= "<input type=\"checkbox\" name=\"hosts_alive\" value=\"1\"" . (count($editdata) <= 1 && intval($hosts_alive) == 1 || intval($editdata['meth_CRED']) == 1 ? " checked" : "") . ">" . _("Only scan hosts that are alive") . "<br>(" . _("greatly speeds up the scanning process") . ")<br><br>";
    //if (Session::am_i_admin())
    $discovery .= "<input type=\"checkbox\" name=\"scan_locally\" value=\"1\"" . ($pre_scan_locally_status == 0 ? " disabled=\"disabled\"" : "") . ($pre_scan_locally_status == 1 && (count($editdata) <= 1 && intval($scan_locally) == 1 || intval($editdata['authorized']) == 1) ? " checked" : "") . ">" . _("Pre-Scan locally") . "<br>(" . _("do not pre-scan from scanning sensor") . ")<br><br>";
    $discovery .= "<input type=\"checkbox\" name=\"not_resolve\" value=\"1\" " . ($editdata['resolve_names'] === "0" || $not_resolve == "1" ? "checked=\"checked\"" : "") . "/>" . _("Do not resolve names");
    //else
    // $discovery .= "<input type=\"hidden\" name=\"scan_locally\" value=\"0\">";
    $discovery .= <<<EOT
        <select name="tarSel" style="display:none;" onClick="if (this.options[this.selectedIndex].value != 'null') {
          showLayer('idTarget', this.options[this.selectedIndex].value ) }">
          <option name="schedule" value="1" {$sjTYPE['M']} selected>IP List</option>
          <option name="schedule" value="2">IP Range</option>
          <option name="schedule" value="3" >Named Target List</option>
          <option name="schedule" value="4">CIDR</option>
          <option name="schedule" value="5" {$sjTYPE['C']} >Subnet</option>
          <option name="schedule" value="6" {$sjTYPE['S']} >Asset List/System</option>
        </select><br><br><br><br><br><br><br><br><br></td>
        <td class="noborder" style="text-align:left" valign="top">
        <div align="left">
          <div id="idTarget1">
\t\t\t<table class="noborder"><tr>
            <td style="text-align:center;padding-bottom:3px;" class="nobborder">{$targets_message}</td>
            </tr>
            <tr>
\t\t\t<td valign="top" class="noborder">
            <table class="transparent" width="100%">
                <tr>
                    <td class='nobborder'>
EOT;
    $discovery .= "<textarea name=\"ip_list\" id=\"ip_list\" cols=\"32\" rows=\"8\">" . ($ip_list_selected == "" ? "{$editdata['meth_TARGET']}" : "{$ip_list_selected}") . "</textarea>";
    $discovery .= "</td></tr>";
    $discovery .= "<tr><td style='text-align:left;' class='nobborder'>";
    $discovery .= "<div id='lassets' style='display:none'>";
    $discovery .= "<img width=\"16\" align=\"absmiddle\" src=\"./images/loading.gif\" border=\"0\" alt=\"" . _("Loading assets...") . "\" title=\"" . _("Loading assets...") . "\">";
    $discovery .= "<span style='margin-left:4px;'>" . _("Loading assets, please wait few seconds...") . "</span>";
    $discovery .= <<<EOT
                        </div>
                <td>
                </tr>
            </table>
\t\t\t</td>
\t\t\t<td valign="top" style="text-align:left" class="noborder">
\t\t\t\t<div id="htree" style="width:450px"></div>
\t\t\t</td>
\t\t\t</tr></table>
          </div>
          <div id="idTarget2" class="forminput">
            <table width="100%" style="border:0;">
              <tr>
                <td align="Right" width="30%"  >Range Start</td>
                <td><input type="text" name="ip_start" value=""></td>
              </tr>
              <tr>
                <td align="Right" width="30%" >Range End</td>
                <td><input type="text" name="ip_end" value=""></td>
              </tr>
            </table>
          </div>
          <div id="idTarget3" class="forminput">
            <textarea name="named_list" cols="32" rows="8"></textarea>
          </div>
          <div id="idTarget4" class="forminput">
            <input type="text" name="cidr" value="">
          </div>
          <div id="idTarget5" class="forminput">
            <table width="100%" style="border:0;">
              <tr>
                <td align="Right" width="30%" ></td>
                <td><select name="subnet">
                  <option value="" >Select A Subnet to Scan</option>
EOT;
    if ($uroles['admin'] || $uroles['auditAll']) {
        $discovery .= "<option value='ALL' >Audit All Subnets - (SINGLE JOB)!!!</option>";
        $query_filter = "AND t1.tiScanApproval='1'";
    } else {
        $query_filter = "AND t4.pn_uname = '{$username}'";
    }
    #$query = "SELECT distinct t1.id, t1.site_code, t1.CIDR
    #          FROM vuln_subnets t1
    #          LEFT JOIN vuln_sites t2 ON t1.site_code = t2.site_code
    #          LEFT JOIN vuln_org_sites t3 ON t2.id = t3.siteID
    #          LEFT JOIN vuln_org_users t4 ON t3.orgID = t4.orgID
    #          WHERE t1.status != 'available' $query_filter
    #          ORDER BY t1.site_code, CIDR";
    //$result=$dbconn->execute($query);
    //while (!$result->EOF) {
    //     list($subid, $scode, $sname)=$result->fields;
    //     if ( $editdata['fk_name'] == $sname ) { $selected= "SELECTED"; } else { $selected=""; }
    //     $discovery .= "<option value=\"$sname\" $selected >[$scode] $sname</option>";
    //     $result->MoveNext();
    //}
    $discovery .= <<<EOT
                </select></td>
              </tr>
            </table>
          </div>
          <div id="idTarget6" class="forminput">
            <table width="100%" style="border:0;">
              <tr>
                <td align="Right" width="30%" ></td>
                <td><select name="system">
                  <option value="" >Select A System to Scan</option>
EOT;
    if ($uroles['admin'] || $uroles['auditAll']) {
    } else {
        $query_filter = "AND t2.pn_uname = '{$username}'";
    }
    #$query = "SELECT distinct t1.id, t1.acronym, t1.name
    #          FROM vuln_systems t1
    #          LEFT JOIN vuln_system_users t2 ON t2.sysID = t1.id
    #          WHERE t1.deleted='0' $cquery_like AND t1.status='assigned' $query_filter
    #          ORDER BY t1.site_code, acronym";
    #$result=$dbconn->execute($query);
    #while (!$result->EOF) {
    #     list($subid, $scode, $sname)=$result->fields;
    #     if ( $editdata['fk_name'] == $scode ) { $selected= "SELECTED"; } else { $selected=""; }
    #     $discovery .= "<option value=\"$scode\" $selected>[$scode] $sname</option>";
    #     $result->MoveNext();
    #}
    $discovery .= <<<EOT
                </select></td>
              </tr>
            </table>
          </div>
        </div>
      </div>
    </td>
  </tr>
</table>
</tr></td></table>
EOT;
    //if(!$scheduler && !$enScanRequestImmediate) {
    //   $discovery .= "<script language=javascript>showLayer('idSched', 3);</script>";
    //}
    $discovery .= $show;
    return $discovery;
}
コード例 #11
0
ファイル: settings.php プロジェクト: AntBean/alienvault-ossim
function select_profile()
{
    global $sid, $username, $dbconn, $version, $nessus_path;
    $args = "";
    if (!Session::am_i_admin()) {
        $my_entities = Session::get_entities_to_assign($dbconn);
        $my_entities["0"] = '0';
        $my_entities_keys = array_keys($my_entities);
        $my_entities = implode("', '", $my_entities_keys);
        $sql_perms = "OR owner IN('" . $my_entities . "')";
        $my_users_list = Session::get_users_to_assign($dbconn);
        $my_users_logins = array();
        foreach ($my_users_list as $user_data) {
            $my_users_logins[] = $user_data->get_login();
        }
        if (!empty($my_users_logins)) {
            $sql_perms .= " OR owner IN('" . implode("', '", $my_entities_keys) . "')";
        }
        $args = "WHERE owner = '" . Session::get_session_user() . "' OR name='Default' OR name='Deep' OR name='Ultimate' " . $sql_perms;
    }
    $layouts = array();
    $query = "SELECT id, name, description, owner, type FROM vuln_nessus_settings {$args} ORDER BY name";
    $dbconn->SetFetchMode(ADODB_FETCH_BOTH);
    $result = $dbconn->execute($query);
    echo "<CENTER>";
    echo "<table class=\"transparent\"><tr><td class=\"sec_title\">" . _("Vulnerability Scan Profiles") . "</td></tr></table>";
    echo "<p>";
    echo _("Please select a profile to edit") . ":";
    echo "</p>";
    echo "<table class='table_list'>";
    echo "<tr>";
    echo "<th>" . _("Available for") . "</th>";
    echo "<th>" . _("Profile") . "</th>";
    echo "<th>" . _("Description") . "</th>";
    echo "<th>" . _("Action") . "</th>";
    echo "</tr>";
    $color = 0;
    while (!$result->EOF) {
        $sid = $result->fields[0];
        $sname = $result->fields[1];
        $sdescription = $result->fields[2];
        $sowner = $result->fields[3];
        $stype = $result->fields[4];
        echo "<tr id='profile{$sid}'>";
        if ($sowner == "0") {
            echo "<td>" . _("All") . "</td>";
        } elseif (valid_hex32($sowner)) {
            echo "<td style='padding:0px 2px 0px 2px;'>" . Session::get_entity_name($dbconn, $sowner) . "</td>";
        } else {
            echo "<td>" . Util::htmlentities($sowner) . "</td>";
        }
        echo "<td width='200'>" . Util::htmlentities($sname) . "</td>";
        echo "<td width='450'>" . Util::htmlentities($sdescription) . "</td>";
        echo "<td>";
        if ($sname == "Default" || $sname == "Deep" || $sname == "Ultimate") {
            echo "<img src=\"images/pencil.png\" class=\"tip disabled\" title=\"" . _("{$sname} profile can't be edited, clone it to make changes") . "\" />";
            echo "<img src=\"images/delete.gif\" class=\"tip disabled\" title=\"" . _("{$sname} profile can't be deleted") . "\" />";
        } else {
            if (Vulnerabilities::can_modify_profile($dbconn, $sname, $sowner)) {
                echo "<a href='settings.php?disp=edit&amp;sid={$sid}'><img class='hand' id='edit_" . md5($sname . $sowner) . "' src='images/pencil.png' ></a>";
            } else {
                echo "<img class='disabled' src='images/pencil.png'>";
            }
            if (Vulnerabilities::can_delete_profile($dbconn, $sname, $sowner)) {
                echo "<img class='hand' src='images/delete.gif'  id='delete_" . md5($sname . $sowner) . "' onclick='deleteProfile({$sid})'>";
            } else {
                echo "<img class='disabled' src=\"images/delete.gif\" >";
            }
        }
        echo "</td>";
        echo "</tr>";
        $result->MoveNext();
        $color++;
    }
    echo "</table>";
    echo "<center>";
    echo "<form>";
    echo "<br/>";
    echo "<input type='button' onclick=\"document.location.href='settings.php?disp=new'\" id=\"new_profile\" value=\"" . _("Create New Profile") . "\"/>";
    echo "</form>";
    echo "</p>";
    echo "</center>";
    // end else
}
コード例 #12
0
ファイル: sched.php プロジェクト: AntBean/alienvault-ossim
function tab_discovery()
{
    global $component, $uroles, $editdata, $scheduler, $username, $useremail, $dbconn, $disp, $enScanRequestImmediate, $enScanRequestRecur, $timeout, $smethod, $SVRid, $sid, $ip_list, $ip_exceptions_list, $schedule_type, $ROYEAR, $ROday, $ROMONTH, $time_hour, $time_min, $dayofweek, $dayofmonth, $sname, $user, $entity, $hosts_alive, $scan_locally, $version, $nthweekday, $semail, $not_resolve, $time_interval, $ssh_credential, $smb_credential, $net_id;
    global $pluginOptions, $enComplianceChecks, $profileid;
    $conf = $GLOBALS["CONF"];
    $users = Session::get_users_to_assign($dbconn);
    $entities_to_assign = Session::get_entities_to_assign($dbconn);
    $pre_scan_locally_status = $conf->get_conf("nessus_pre_scan_locally");
    $user_selected = $user;
    $entity_selected = $entity;
    $SVRid_selected = $SVRid;
    $sid_selected = $sid != "" ? $sid : $editdata['meth_VSET'];
    $timeout_selected = $editdata["meth_TIMEOUT"];
    $ip_list_selected = str_replace("\\r\\n", "\n", str_replace(";;", "\n", $ip_list));
    if (count($ip_exceptions_list) > 0) {
        $ip_list_selected .= "\n" . implode("\n", $ip_exceptions_list);
    }
    $ROYEAR_selected = $ROYEAR;
    $ROday_selected = $ROday;
    $ROMONTH_selected = $ROMONTH;
    $time_hour_selected = $time_hour;
    $time_min_selected = $time_min;
    $dayofweek_selected = $dayofweek;
    $dayofmonth_selected = $dayofmonth;
    $sname_selected = $sname;
    if (preg_match("/^[a-f\\d]{32}\$/i", $net_id)) {
        // Autofill new scan job from deployment
        if (Asset_net::is_in_db($dbconn, $net_id)) {
            $sname_selected = Asset_net::get_name_by_id($dbconn, $net_id);
            $schedule_type = "M";
            $ip_list = array();
            $nips = explode(",", Asset_net::get_ips_by_id($dbconn, $net_id));
            foreach ($nips as $nip) {
                $ip_list[] = $net_id . "#" . trim($nip);
            }
        }
    }
    if ($schedule_type != "") {
        $editdata['schedule_type'] = $schedule_type;
    }
    $cquery_like = "";
    if ($component != "") {
        $cquery_like = " AND component='{$component}'";
    }
    $today = date("Ymd");
    $tyear = substr($today, 0, 4);
    $nyear = $tyear + 1;
    $tmonth = substr($today, 4, 2);
    $tday = substr($today, 6, 2);
    #SET VALUES UP IF EDIT SCHEDULER
    if (isset($editdata['notify'])) {
        $enotify = $editdata['notify'];
    } else {
        $enotify = "{$useremail}";
    }
    if (isset($editdata['time'])) {
        list($time_hour, $time_min, $time_sec) = split(':', $editdata['time']);
        $tz = Util::get_timezone();
        $time_hour = $time_hour + $tz;
    }
    $arrTypes = array("N", "O", "D", "W", "M", "NW");
    foreach ($arrTypes as $type) {
        $sTYPE[$type] = "";
    }
    $arrJobTypes = array("C", "M", "R", "S");
    foreach ($arrJobTypes as $type) {
        $sjTYPE[$type] = "";
    }
    if (isset($editdata['schedule_type'])) {
        $sTYPE[$editdata['schedule_type']] = "selected='selected'";
        if ($editdata['schedule_type'] == 'D') {
            $ni = 2;
        } elseif ($editdata['schedule_type'] == 'O') {
            $ni = 3;
        } elseif ($editdata['schedule_type'] == 'W') {
            $ni = 4;
        } elseif ($editdata['schedule_type'] == 'NW') {
            $ni = 6;
        } else {
            $ni = 5;
        }
        $show = "<br><script language=javascript>showLayer('idSched', {$ni});</script>";
    } else {
        if ($enScanRequestImmediate) {
            $sTYPE['N'] = "selected='selected'";
            $show = "<br><script language=javascript>showLayer('idSched', 1);</script>";
        } else {
            $sTYPE['O'] = "selected='selected'";
            $show = "<br><script language=javascript>showLayer('idSched', 3);</script>";
        }
    }
    if ($schedule_type != "") {
        if ($schedule_type == "N") {
            $show .= "<br><script language=javascript>showLayer('idSched', 1);</script>";
        }
        if ($schedule_type == "O") {
            $show .= "<br><script language=javascript>showLayer('idSched', 3);</script>";
        }
        if ($schedule_type == "D") {
            $show .= "<br><script language=javascript>showLayer('idSched', 2);</script>";
        }
        if ($schedule_type == "W") {
            $show .= "<br><script language=javascript>showLayer('idSched', 4);</script>";
        }
        if ($schedule_type == "M") {
            $show .= "<br><script language=javascript>showLayer('idSched', 5);</script>";
        }
        if ($schedule_type == "NW") {
            $show .= "<br><script language=javascript>showLayer('idSched', 6);</script>";
        }
    }
    if (isset($editdata['job_TYPE'])) {
        $sjTYPE[$editdata['job_TYPE']] = "SELECTED";
    } else {
        $sjTYPE['M'] = "SELECTED";
    }
    if (isset($editdata['day_of_month'])) {
        $dayofmonth = $editdata['day_of_month'];
    }
    if (isset($editdata['day_of_week'])) {
        $day[$editdata['day_of_week']] = "SELECTED";
    }
    if ($dayofweek_selected != "") {
        $day[$dayofweek_selected] = "SELECTED";
    }
    if (!$uroles['nessus']) {
        $name = "sr-" . substr($username, 0, 6) . "-" . time();
        $name = $editdata['name'] == "" ? $name : $editdata['name'];
        $nameout = $name . "<input type=hidden style='width:210px' name='sname' value='{$name}'>";
    } else {
        $nameout = "<input type=text style='width:210px' name='sname' value='" . ($sname_selected != "" ? "{$sname_selected}" : "{$editdata['name']}") . "'>";
    }
    $discovery = "<input type=\"hidden\" name=\"save_scan\" value=\"1\">";
    $discovery .= "<input type=\"hidden\" name=\"cred_type\" value=\"N\">";
    $discovery .= "<table width=\"80%\" cellspacing=\"4\">";
    $discovery .= "<tr>";
    $discovery .= "<input type=\"hidden\" name=\"smethod\" value=\"{$smethod}\">";
    $discovery .= "<td width=\"25%\" class='job_option'>" . Util::strong(_("Job Name") . ":") . "</td>";
    $discovery .= "<td style=\"text-align:left;\">{$nameout}</td>";
    $discovery .= "</tr>";
    list($sensor_list, $total) = Av_sensor::get_list($dbconn);
    $discovery .= "<tr>";
    $discovery .= "<td class='job_option'>" . Util::strong(_("Select Server") . ":") . "</td>";
    $discovery .= "<td style='text-align:left;'><select id='SVRid' style='width:212px' name='SVRid'>";
    $discovery .= "<option value='Null'>" . _("First Available Server-Distributed") . "</option>";
    foreach ($sensor_list as $_sensor_id => $sensor_data) {
        if (intval($sensor_data['properties']['has_vuln_scanner']) == 1) {
            $discovery .= "<option value=\"{$_sensor_id}\" ";
            if ($editdata['email'] == $_sensor_id || $editdata['scan_ASSIGNED'] == $_sensor_id) {
                $discovery .= " SELECTED";
            }
            if ($SVRid_selected == $_sensor_id) {
                $discovery .= " SELECTED";
            }
            $discovery .= ">" . strtoupper($sensor_data['name']) . " [" . $sensor_data['ip'] . "] </option>";
        }
    }
    $discovery .= <<<EOT
      </select>
    </td>
  </tr>
  <tr>
EOT;
    $discovery .= "<td class='job_option'>" . Util::strong(_("Profile") . ":") . "</td>";
    $discovery .= "<td style='text-align:left;'><select name='sid'>";
    $query = "";
    if ($username == "admin" || Session::am_i_admin()) {
        $query = "SELECT distinct(t1.id), t1.name, t1.description \n                 FROM vuln_nessus_settings t1 WHERE deleted='0'\n                 ORDER BY t1.name";
    } else {
        if (Session::is_pro()) {
            $users_and_entities = Acl::get_entities_to_assign($dbconn);
            if (Acl::am_i_proadmin()) {
                $users = Acl::get_my_users($dbconn, Session::get_session_user());
                foreach ($users as $us) {
                    $users_and_entities[$us->get_login()] = $us->get_login();
                }
                $owner_list['0'] = '0';
                $owner_list = array_keys($users_and_entities);
                $owner_list = implode("','", $owner_list);
                $query = "SELECT distinct(t1.id), t1.name, t1.description FROM vuln_nessus_settings t1\n                      WHERE deleted = '0' and (name='Default' or owner in ('" . $owner_list . "')) ORDER BY t1.name";
            } else {
                $owner_list['0'] = '0';
                $owner_list[$username] = $username;
                $owner_list = array_keys($users_and_entities);
                $owner_list[] = Session::get_session_user();
                $owner_list = implode("','", $owner_list);
                $user_where = "owner in ('" . $owner_list . "')";
                $query = "SELECT distinct(t1.id), t1.name, t1.description FROM vuln_nessus_settings t1\n                      WHERE deleted = '0' and (name='Default' or {$user_where}) ORDER BY t1.name";
            }
        } else {
            $query = "SELECT distinct(t1.id), t1.name, t1.description FROM vuln_nessus_settings t1\n                     WHERE deleted = '0' and (name='Default' or owner in ('0','{$username}')) ORDER BY t1.name";
        }
    }
    $dbconn->SetFetchMode(ADODB_FETCH_BOTH);
    $result = $dbconn->execute($query);
    $job_profiles = array();
    $id_found = false;
    $ipr = 0;
    while (!$result->EOF) {
        list($sid, $sname, $sdescription) = $result->fields;
        if ($sid_selected == $sid) {
            $id_found = true;
        }
        $job_profiles[$ipr]["sid"] = $sid;
        $job_profiles[$ipr]["sname"] = $sname;
        $job_profiles[$ipr]["sdescription"] = $sdescription;
        $ipr++;
        $result->MoveNext();
    }
    foreach ($job_profiles as $profile_data) {
        $sid = $profile_data["sid"];
        $sname = $profile_data["sname"];
        $sdescription = $profile_data["sdescription"];
        $discovery .= "<option value=\"{$sid}\" ";
        if ($sid_selected == $sid) {
            if ($sdescription != "") {
                $discovery .= "selected>{$sname} - {$sdescription}</option>";
            } else {
                $discovery .= "selected>{$sname}</option>";
            }
        } else {
            if ($sdescription != "") {
                $discovery .= (preg_match("/default/i", $sname) && !$id_found ? 'selected="selected"' : "") . ">{$sname} - {$sdescription}</option>";
            } else {
                $discovery .= (preg_match("/default/i", $sname) && !$id_found ? 'selected="selected"' : "") . ">{$sname}</option>";
            }
        }
    }
    $discovery .= "</select>&nbsp;&nbsp;&nbsp<a href=\"" . Menu::get_menu_url('settings.php', 'environment', 'vulnerabilities', 'scan_jobs') . "\">[" . _("EDIT PROFILES") . "]</a></td>";
    $discovery .= "</tr>";
    $discovery .= "<tr>";
    $discovery .= "<td class='job_option' style='vertical-align: top;'><div>" . Util::strong(_("Schedule Method") . ":") . "</div></td>";
    $discovery .= "<td style='text-align:left'><div><select name='schedule_type' id='scheduleM'>";
    $discovery .= "<option value='N' {$sTYPE['N']}>" . _("Immediately") . "</option>";
    $discovery .= "<option value='O' {$sTYPE['O']}>" . _("Run Once") . "</option>";
    $discovery .= "<option value='D' {$sTYPE['D']}>" . _("Daily") . "</option>";
    $discovery .= "<option value='W' {$sTYPE['W']}>" . _("Day of the Week") . "</option>";
    $discovery .= "<option value='M' {$sTYPE['M']}>" . _("Day of the Month") . "</option>";
    $discovery .= "<option value='NW' {$sTYPE['NW']}>" . _("N<sup>th</sup> weekday of the month") . "</option>";
    $discovery .= "</select></div></tr>";
    $smethods = array("O", "D", "W", "M", "NW");
    $smethodtr_display = in_array($editdata['schedule_type'], $smethods) ? "" : "style='display:none'";
    $discovery .= "<tr {$smethodtr_display} id='smethodtr'><td>&nbsp;</td>";
    $discovery .= <<<EOT
    </td>
    <td><div>
      <div id="idSched1" class="forminput">
      </div>
EOT;
    // div to select start day
    $discovery .= "<div id=\"idSched8\" class=\"forminput\">";
    $discovery .= "<table cellspacing=\"2\" cellpadding=\"0\" width=\"100%\">";
    $discovery .= "<tr><th width='35%'>" . _("Begin in") . "</th><td class='noborder' nowrap='nowrap'>" . gettext("Year") . "&nbsp;<select name='biyear'>";
    $discovery .= "<option value=\"{$tyear}\" selected>{$tyear}</option>";
    $discovery .= "<option value=\"{$nyear}\" >{$nyear}</option>";
    $discovery .= "</select>&nbsp;&nbsp;&nbsp;" . gettext("Month") . "&nbsp;<select name='bimonth'>";
    for ($i = 1; $i <= 12; $i++) {
        $discovery .= "<option value=\"{$i}\" ";
        if ($i == $tmonth) {
            $discovery .= "selected";
        }
        $discovery .= ">{$i}</option>";
    }
    $discovery .= "</select>&nbsp;&nbsp;&nbsp;" . gettext("Day") . "&nbsp;<select name=\"biday\">";
    for ($i = 1; $i <= 31; $i++) {
        $discovery .= "<option value=\"{$i}\" ";
        if ($i == $tday) {
            $discovery .= "selected";
        }
        $discovery .= ">{$i}</option>";
    }
    $discovery .= "</select></td>";
    $discovery .= "</tr>";
    $discovery .= "</table>";
    $discovery .= "</div>";
    $discovery .= <<<EOT
      <div id="idSched3" class="forminput">
        <table cellspacing="2" cellpadding="0" width="100%">
EOT;
    $discovery .= "<tr><th width='35%'>" . _("Day") . "</th><td colspan='6' class='noborder' nowrap='nowrap'>" . gettext("Year") . "&nbsp;<select name='ROYEAR'>";
    $discovery .= "<option value=\"{$tyear}\" " . ($ROYEAR_selected == "" || $ROYEAR_selected == $tyear ? "selected" : "") . ">{$tyear}</option>";
    $discovery .= "<option value=\"{$nyear}\" " . ($ROYEAR_selected == $nyear ? "selected" : "") . ">{$nyear}</option>";
    $discovery .= "</select>&nbsp;&nbsp;&nbsp;" . gettext("Month") . "&nbsp;<select name='ROMONTH'>";
    for ($i = 1; $i <= 12; $i++) {
        $discovery .= "<option value=\"{$i}\" ";
        if ($i == $tmonth && $ROMONTH_selected == "" || $ROMONTH_selected == $i) {
            $discovery .= "selected";
        }
        $discovery .= ">{$i}</option>";
    }
    $discovery .= "</select>&nbsp;&nbsp;&nbsp;" . gettext("Day") . "&nbsp;<select name=\"ROday\">";
    for ($i = 1; $i <= 31; $i++) {
        $discovery .= "<option value=\"{$i}\" ";
        if ($i == $tday && $ROday_selected == "" || $ROday_selected == $i) {
            $discovery .= "selected";
        }
        $discovery .= ">{$i}</option>";
    }
    $discovery .= <<<EOT
            </select></td>
          </tr>
        </table>
      </div>
      <div id="idSched4" class="forminput" > 
        <table width="100%">
          <tr>
EOT;
    $discovery .= "<th align=\"right\" width=\"35%\">" . _("Weekly") . "</th><td colspan=\"2\" class=\"noborder\">";
    $discovery .= "<select name=\"dayofweek\">";
    $discovery .= "<option value=\"Su\" SELECTED >" . gettext("Select week day to run") . "</option>";
    $discovery .= "<option value=\"Su\" {$day['Su']} >" . gettext("Sunday") . "</option>";
    $discovery .= "<option value=\"Mo\" {$day['Mo']} >" . gettext("Monday") . "</option>";
    $discovery .= "<option value=\"Tu\" {$day['Tu']} >" . gettext("Tuesday") . "</option>";
    $discovery .= "<option value=\"We\" {$day['We']} >" . gettext("Wednesday") . "</option>";
    $discovery .= "<option value=\"Th\" {$day['Th']} >" . gettext("Thursday") . "</option>";
    $discovery .= "<option value=\"Fr\" {$day['Fr']} >" . gettext("Friday") . "</option>";
    $discovery .= "<option value=\"Sa\" {$day['Sa']} >" . gettext("Saturday") . "</option>";
    $discovery .= "</select>";
    $discovery .= "</td>";
    $discovery .= <<<EOT
          </tr>
        </table>
      </div>
      <div id="idSched5" class="forminput">
        <table width="100%">
          <tr>
EOT;
    $discovery .= "<th width='35%'>" . gettext("Select Day") . "</td>";
    $discovery .= <<<EOT
            <td colspan="2" class="noborder"><select name="dayofmonth">"
EOT;
    for ($i = 1; $i <= 31; $i++) {
        $discovery .= "<option value=\"{$i}\"";
        if ($dayofmonth == $i && $dayofmonth_selected == "" || $dayofmonth_selected == $i) {
            $discovery .= " selected";
        }
        $discovery .= ">{$i}</option>";
    }
    $discovery .= <<<EOT
            </select></td>
          </tr>
        </table>
      </div>
      <div id="idSched6" class="forminput">
        <table width="100%">
          <tr>
EOT;
    $discovery .= "<th width=\"35%\">" . gettext("Day of week") . "</th><td colspan=\"2\" class=\"noborder\">";
    $discovery .= "<select name=\"nthdayofweek\">";
    $discovery .= "<option value=\"Su\" SELECTED >" . gettext("Select week day to run") . "</option>";
    $discovery .= "<option value=\"Su\" {$day['Su']} >" . gettext("Sunday") . "</option>";
    $discovery .= "<option value=\"Mo\" {$day['Mo']} >" . gettext("Monday") . "</option>";
    $discovery .= "<option value=\"Tu\" {$day['Tu']} >" . gettext("Tuesday") . "</option>";
    $discovery .= "<option value=\"We\" {$day['We']} >" . gettext("Wednesday") . "</option>";
    $discovery .= "<option value=\"Th\" {$day['Th']} >" . gettext("Thursday") . "</option>";
    $discovery .= "<option value=\"Fr\" {$day['Fr']} >" . gettext("Friday") . "</option>";
    $discovery .= "<option value=\"Sa\" {$day['Sa']} >" . gettext("Saturday") . "</option>";
    $discovery .= "</select>";
    $discovery .= "</td>";
    $discovery .= <<<EOT
          </tr>
        </table>
        <br>
        <table width="100%">
          <tr>
EOT;
    $discovery .= "<th align='right'>" . gettext("N<sup>th</sup> weekday") . "</th><td colspan='2' class='noborder'>";
    $discovery .= "<select name='nthweekday'>";
    $discovery .= "<option value='1'>" . gettext("Select nth weekday to run") . "</option>";
    $discovery .= "<option value='1'" . ($dayofmonth == 1 ? " selected" : "") . ">" . gettext("First") . "</option>";
    $discovery .= "<option value='2'" . ($dayofmonth == 2 ? " selected" : "") . ">" . gettext("Second") . "</option>";
    $discovery .= "<option value='3'" . ($dayofmonth == 3 ? " selected" : "") . ">" . gettext("Third") . "</option>";
    $discovery .= "<option value='4'" . ($dayofmonth == 4 ? " selected" : "") . ">" . gettext("Fourth") . "</option>";
    $discovery .= "<option value='5'" . ($dayofmonth == 5 ? " selected" : "") . ">" . gettext("Fifth") . "</option>";
    $discovery .= "<option value='6'" . ($dayofmonth == 6 ? " selected" : "") . ">" . gettext("Sixth") . "</option>";
    $discovery .= "<option value='7'" . ($dayofmonth == 7 ? " selected" : "") . ">" . gettext("Seventh") . "</option>";
    $discovery .= "<option value='8'" . ($dayofmonth == 8 ? " selected" : "") . ">" . gettext("Eighth") . "</option>";
    $discovery .= "<option value='9'" . ($dayofmonth == 9 ? " selected" : "") . ">" . gettext("Ninth") . "</option>";
    $discovery .= "<option value='10'" . ($dayofmonth == 10 ? " selected" : "") . ">" . gettext("Tenth") . "</option>";
    $discovery .= <<<EOT
              </select>
            </td>
          </tr>
        </table>
      </div>
EOT;
    $discovery .= "<div id='idSched7' class='forminput' style=margin-bottom:3px;>";
    $discovery .= "<table width='100%'>";
    $discovery .= "<tr>";
    $discovery .= "<th width='35%'>" . _("Frequency") . "</th>";
    $discovery .= "<td width='100%' style='text-align:center;' class='nobborder'>";
    $discovery .= "<span style='margin-right:5px;'>" . _("Every") . "</span>";
    $discovery .= "<select name='time_interval'>";
    for ($itime = 1; $itime <= 30; $itime++) {
        $discovery .= "<option value='" . $itime . "'" . ($editdata['time_interval'] == $itime ? " selected" : "") . ">" . $itime . "</option>";
    }
    $discovery .= "</select>";
    $discovery .= "<span id='days' style='margin-left:5px'>" . _("day(s)") . "</span><span id='weeks' style='margin-left:5px'>" . _("week(s)") . "</span>";
    $discovery .= "</td>";
    $discovery .= "</tr>";
    $discovery .= "</table>";
    $discovery .= "</div>";
    $discovery .= <<<EOT
      <div id="idSched2" class="forminput">
        <table width="100%">
EOT;
    $discovery .= "<tr>";
    $discovery .= "<th rowspan='2' align='right' width='35%'>" . gettext("Time") . "</td>";
    $discovery .= "<td align='right'>" . gettext("Hour") . "</td>";
    $discovery .= <<<EOT
            <td align="left" class="noborder"><select name="time_hour">
EOT;
    for ($i = 0; $i <= 23; $i++) {
        $discovery .= "<option value=\"{$i}\"";
        if ($time_hour == $i && $time_hour_selected == "" || $time_hour_selected == $i) {
            $discovery .= " selected";
        }
        $discovery .= ">{$i}</option>";
    }
    $discovery .= "</select></td><td align='right'>" . gettext("Minutes") . "</td>\n            <td class='noborder' align='left'><select name='time_min'>";
    for ($i = 0; $i < 60; $i = $i + 15) {
        $discovery .= "<option value=\"{$i}\"";
        if ($time_min == $i && $time_min_selected == "" || $time_min_selected == $i) {
            $discovery .= " selected";
        }
        $discovery .= ">{$i}</option>";
    }
    $discovery .= <<<EOT
            </select></td>
          </tr>
        </table>
      </div>
    </tr>
    
EOT;
    $discovery .= "<tr>";
    $discovery .= "\t\t<td class='madvanced'><a class='section'><img id='advanced_arrow' border='0' align='absmiddle' src='../pixmaps/arrow_green.gif'>" . _("ADVANCED") . "</a></td>";
    $discovery .= "\t\t<td>&nbsp;</td>";
    $discovery .= "</tr>";
    if ($_SESSION["scanner"] == "omp") {
        $credentials = Vulnerabilities::get_credentials($dbconn, 'ssh');
        preg_match("/(.*)\\|(.*)/", $editdata["credentials"], $found);
        $discovery .= "<tr class='advanced'>";
        $discovery .= "<td class='job_option'>" . Util::strong(_("SSH Credential:")) . "</td>";
        $discovery .= "<td style='text-align:left'><select id='ssh_credential' name='ssh_credential'>";
        $discovery .= "<option value=''>--</option>";
        foreach ($credentials as $cred) {
            $login_text = $cred["login"];
            if ($cred["login"] == '0') {
                $login_text = _("All");
            } elseif (valid_hex32($cred["login"])) {
                $login_text = Session::get_entity_name($dbconn, $cred["login"]);
            }
            $selected = $found[1] == $cred["name"] . "#" . $cred["login"] || $cred["name"] . "#" . $cred["login"] == $ssh_credential ? " selected='selected'" : "";
            $discovery .= "<option value='" . $cred["name"] . "#" . $cred["login"] . "' {$selected}>" . $cred["name"] . " (" . $login_text . ")</option>";
        }
        $discovery .= "</select></td>";
        $discovery .= "</tr>";
        $credentials = Vulnerabilities::get_credentials($dbconn, 'smb');
        $discovery .= "<tr class='advanced'>";
        $discovery .= "<td class='job_option'>" . Util::strong(_("SMB Credential:")) . "</td>";
        $discovery .= "<td style='text-align:left'><select id='smb_credential' name='smb_credential'>";
        $discovery .= "<option value=''>--</option>";
        foreach ($credentials as $cred) {
            $login_text = $cred["login"];
            if ($cred["login"] == '0') {
                $login_text = _("All");
            } elseif (valid_hex32($cred["login"])) {
                $login_text = Session::get_entity_name($dbconn, $cred["login"]);
            }
            $selected = $found[2] == $cred["name"] . "#" . $cred["login"] || $cred["name"] . "#" . $cred["login"] == $smb_credential ? " selected='selected'" : "";
            $discovery .= "<option value='" . $cred["name"] . "#" . $cred["login"] . "' {$selected}>" . $cred["name"] . " (" . $login_text . ")</option>";
        }
        $discovery .= "</select></td>";
        $discovery .= "</tr>";
    }
    $discovery .= "<tr class='job_option advanced'>";
    $discovery .= "<td class='job_option'>" . Util::strong(_("Timeout:")) . "</td>";
    $discovery .= "<td style=\"text-align:left;\" nowrap><input type='text' style='width:80px' name='timeout' value='" . ($timeout_selected == "" ? "{$timeout}" : "{$timeout_selected}") . "'>";
    $discovery .= "<font color='black'>&nbsp;&nbsp;&nbsp;" . _("Max scan run time in seconds") . "&nbsp;&nbsp;&nbsp;</font></td>";
    $discovery .= "</tr>";
    $discovery .= "<tr class='advanced'><td class='job_option'>" . Util::strong(_("Send an email notification:"));
    $discovery .= "</td>";
    $discovery .= "<td style=\"text-align:left;\">";
    $discovery .= "<input type=\"radio\" name=\"semail\" value=\"0\"" . (count($editdata) <= 1 && intval($semail) == 0 || intval($editdata['meth_Wfile']) == 0 ? " checked" : "") . "/>" . _("No");
    $discovery .= "<input type=\"radio\" name=\"semail\" value=\"1\"" . (count($editdata) <= 1 && intval($semail) == 1 || intval($editdata['meth_Wfile']) == 1 ? " checked" : "") . "/>" . _("Yes");
    $discovery .= "</td></tr>";
    $discovery .= "<tr class='advanced'>\n\t\t\t\t\t\t<td class='job_option'>" . Util::strong(_("Scan job visible for:")) . "</td>\n\t\t\t\t\t\t<td style='text-align: left'>\n\t\t\t\t\t\t\t<table cellspacing='0' cellpadding='0' class='transparent' style='margin: 5px 0px;'>\n\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t<td class='nobborder'><span style='margin-right:3px'>" . _('User:'******'nobborder'>\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t<select name='user' id='user' onchange=\"switch_user('user');return false;\">";
    $num_users = 0;
    foreach ($users as $k => $v) {
        $login = $v->get_login();
        $selected = $editdata["username"] == $login || $user_selected == $login ? "selected='selected'" : "";
        $options .= "<option value='" . $login . "' {$selected}>{$login}</option>\n";
        $num_users++;
    }
    if ($num_users == 0) {
        $discovery .= "<option value='' style='text-align:center !important;'>- " . _("No users found") . " -</option>";
    } else {
        $discovery .= "<option value='' style='text-align:center !important;'>- " . _("Select one user") . " -</option>\n";
        $discovery .= $options;
    }
    $discovery .= "\t\t\t\t\t\t</select>\n\t\t\t\t\t\t\t\t\t</td>";
    if (!empty($entities_to_assign)) {
        $discovery .= "\t    \t\t\t<td style='text-align:center; border:none; !important'><span style='padding:5px;'>" . _("OR") . "<span></td>\n\t\t\t\t\t\t\t\t\t<td class='nobborder'><span style='margin-right:3px'>" . _("Entity:") . "</span></td>\n\t\t\t\t\t\t\t\t\t<td class='nobborder'>\t\n\t\t\t\t\t\t\t\t\t\t<select name='entity' id='entity' onchange=\"switch_user('entity');return false;\">\n\t\t\t\t\t\t\t\t\t\t\t<option value='' style='text-align:center !important;'>-" . _("Select one entity") . "-</option>";
        foreach ($entities_to_assign as $k => $v) {
            $selected = $editdata["username"] == $k || $entity_selected == $k ? "selected='selected'" : "";
            $discovery .= "<option value='{$k}' {$selected}>{$v}</option>";
        }
        $discovery .= "\t\t\t\t\t</select>\n\t\t\t\t\t\t\t\t\t</td>";
    }
    $discovery .= " \t    \t</tr>\n\t\t\t\t\t\t\t</table>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>";
    $discovery .= "<tr><td valign=\"top\" width=\"15%\" class=\"job_option noborder\"><br>";
    // conditions to exclude IPs
    $condition1 = count($editdata) <= 1 && intval($hosts_alive) == 1 ? TRUE : FALSE;
    $condition2 = preg_match('/' . EXCLUDING_IP2 . '/', trim($editdata["meth_TARGET"]));
    $condition3 = intval($editdata['meth_CRED']) == 1 ? TRUE : FALSE;
    $condition4 = count($ip_exceptions_list) > 0 ? TRUE : FALSE;
    $host_alive_check = $condition1 || $condition2 || $condition3 || $condition4 ? ' checked' : '';
    $host_alive_status = $condition2 || $condition4 ? ' disabled=\\"disabled\\"' : '';
    $discovery .= "<input onclick=\"toggle_scan_locally()\" type=\"checkbox\" id=\"hosts_alive\" name=\"hosts_alive\" value=\"1\"" . $host_alive_check . $host_alive_status . ">" . Util::strong(_("Only scan hosts that are alive")) . "<br>(" . Util::strong(_("greatly speeds up the scanning process")) . ")<br><br>";
    $discovery .= "<input type=\"checkbox\" id=\"scan_locally\" name=\"scan_locally\" value=\"1\"" . ($pre_scan_locally_status == 0 ? " disabled=\"disabled\"" : "") . ($pre_scan_locally_status == 1 && (intval($editdata['authorized']) == 1 || intval($scan_locally) == 1) ? " checked" : "") . ">" . Util::strong(_("Pre-Scan locally")) . "<br>(" . Util::strong(_("do not pre-scan from scanning sensor")) . ")<br><br>";
    $discovery .= "<input type=\"checkbox\" id=\"not_resolve\" name=\"not_resolve\" value=\"1\" " . ($editdata['resolve_names'] === "0" || $not_resolve == "1" ? "checked=\"checked\"" : "") . "/>" . Util::strong(_("Do not resolve names"));
    $discovery .= <<<EOT
        </td>
EOT;
    $discovery .= '     <td class="noborder" valign="top">';
    $discovery .= '         <table width="100%" class="transparent" cellspacing="0" cellpadding="0">';
    $discovery .= '              <tr>';
    $discovery .= '                  <td class="nobborder" style="vertical-align: top;text-align:left;padding:10px 0px 0px 0px;">';
    $discovery .= '                     <table class="transparent" cellspacing="4">';
    $discovery .= '                         <tr>';
    $discovery .= '                             <td class="nobborder" style="text-align:left;"><input class="greyfont" type="text" id="searchBox" value="' . _("Type here to search assets (Hosts/Networks)") . '" /></td>';
    $discovery .= '                         </tr>';
    $discovery .= '                         <tr>';
    $discovery .= '                             <td class="nobborder"><select id="targets" name="targets[]" multiple="multiple">';
    if (!empty($editdata["meth_TARGET"])) {
        $ip_list = explode("\n", trim($editdata["meth_TARGET"]));
    }
    if (!empty($ip_list)) {
        foreach ($ip_list as $asset) {
            if (preg_match("/([a-f\\d]+)#(.*)/i", $asset, $found)) {
                if (Asset_host::is_in_db($dbconn, $found[1])) {
                    $_asset_name = Asset_host::get_name_by_id($dbconn, $found[1]) . " (" . $found[2] . ")";
                } else {
                    $_asset_name = Asset_net::get_name_by_id($dbconn, $found[1]) . " (" . $found[2] . ")";
                }
                $discovery .= '<option value="' . $asset . '">' . $_asset_name . '</option>';
            } else {
                $discovery .= '<option value="' . $asset . '">' . $asset . '</option>';
            }
        }
        foreach ($ip_exceptions_list as $asset) {
            $discovery .= '<option value="' . $asset . '">' . $asset . '</option>';
        }
    }
    $discovery .= '                             </select></td>';
    $discovery .= '                         </tr>';
    $discovery .= '                         <tr>';
    $discovery .= '                             <td class="nobborder" style="text-align:right"><input type="button" value=" [X] " id="delete_target" class="av_b_secondary small"/>';
    $discovery .= '                             <input type="button" style="margin-right:0px;"value="Delete all" id="delete_all" class="av_b_secondary small"/></td>';
    $discovery .= '                         </tr>';
    $discovery .= '                         </table>';
    $discovery .= '                  </td>';
    $discovery .= '                  <td class="nobborder" width="450px;" style="vertical-align: top;padding:0px 0px 0px 5px;">';
    $discovery .= '                    <div id="vtree" style="text-align:left;width:100%;"></div>';
    $discovery .= '                  </td>';
    $discovery .= '              </tr>';
    $discovery .= '         </table>';
    $discovery .= '    </td>';
    $discovery .= '</tr>';
    $discovery .= '</table>';
    $discovery .= '</tr></td></table>';
    $discovery .= $show;
    return $discovery;
}