public static function process()
{
$security = new Security();
$security->verifyPre();
$data = stream_get_contents(fopen('php://input', 'r'));
$compressedSize = strlen($data);
$security->verifyCompressedData($data, $compressedSize);
$data = @gzdecode($data);
$uncompressedSize = strlen($data);
$security->validateData($data, $uncompressedSize);
$json = json_decode($data, true);
$security->validateJson($json);
if (isset($json['icon'])) {
$img = self::getServerIcon($json['icon']);
$json['icon'] = $img;
$data = json_encode($json);
$uncompressedSize = strlen($data);
}
$key = Util::uuid(false);
$cacheFile = Cache::getFile($key);
Log::info("Uploaded {$uncompressedSize} bytes as {$key} to {$cacheFile}");
Cache::put($key, $data);
header("Location: " . BASE_URL_VIEW . "/?id={$key}");
self::error("Compressed Size: {$compressedSize}\nUncompressed Size: {$uncompressedSize}\nRaw Upload: " . BASE_URL_VIEW . "/?id={$key}&raw=1");
}
public function preSave(PropelPDO $oConnection = null)
{
if ($this->isNew()) {
$this->setActivationHash(Util::uuid());
}
return parent::preSave($oConnection);
}
public function allDashboardModules()
{
$aDashboardConfig = self::dashboardConfig();
$aWidgets =& $aDashboardConfig['widgets'];
$bDidAddIds = false;
foreach ($aWidgets as &$aWidget) {
if (!isset($aWidget['uid'])) {
$bDidAddIds = true;
$aWidget['uid'] = Util::uuid();
}
}
if ($bDidAddIds) {
$oUser = Session::getSession()->getUser();
$oUser->setAdminSettings('dashboard', $aDashboardConfig);
$oUser->save();
}
return $aWidgets;
}
function import_assets_from_csv($filename, $iic, $ctx, $import_type)
{
//Process status
$summary = array('general' => array('status' => '', 'data' => '', 'statistics' => array('total' => 0, 'warnings' => 0, 'errors' => 0, 'saved' => 0)), 'by_hosts' => array());
$db = new ossim_db();
$conn = $db->connect();
$str_data = file_get_contents($filename);
if ($str_data === FALSE) {
$summary['general']['status'] = 'error';
$summary['general']['data']['errors'] = _('Failed to read data from CSV file');
$summary['general']['statistics']['errors'] = 1;
return $summary;
}
$array_data = preg_split('/\\n|\\r/', $str_data);
foreach ($array_data as $k => $v) {
if (trim($v) != '') {
$data[] = explode('";"', trim($v));
}
}
/*************************************************************************************************************************************
* From asset section:
* - Version 4.x.x or higher: "IP (IP1,IP2,...)";"Hostname";"FQDNs(FQDN1,FQDN2,...)";"Description";"Asset value";"Operating System";
* "Latitude";"Longitude";"Host ID";"External Asset";"Device Types(Type1,Type2,...)"
*
* - Version 3.x.x: "IP"*;"Hostname";"FQDNs(FQDN1,FQDN2,...)";"Description";"Asset value";"Sensors(Sensor1,Sensor2,...)";
* "Operating System";"Latitude";"Longitude"
*
* From welcome wizard:
* - Version 4.x.x or higher: "IP (IP1,IP2,...)";"Hostname";"Description";"Operating System";"Device Type(Type1,Type2,...)"
*
**************************************************************************************************************************************/
//Check file size
if (count($data) <= 0 || count($data) == 1 && preg_match('/IP/', $data[0][0])) {
$summary['general']['status'] = 'error';
$summary['general']['data'] = _('CSV file is empty');
$summary['general']['statistics']['errors'] = 1;
return $summary;
}
//Check importation type and headers
$csv_headers = array();
if ($import_type == 'hosts') {
if (preg_match('/Operating System/', $data[0][5]) || preg_match('/Sensors/', $data[0][5])) {
$csv_headers = array_shift($data);
} else {
$summary['general']['status'] = 'error';
$summary['general']['data'] = _('Headers not found');
$summary['general']['statistics']['errors'] = 1;
return $summary;
}
}
//Setting total hosts to import
$summary['general']['statistics']['total'] = count($data);
//Getting all Operating System
$all_os = Properties::get_all_os();
//Getting devices types
$all_devices = array();
$aux_all_devices = Devices::get_all_for_filter($conn);
$_all_devices = $aux_all_devices[0];
foreach ($_all_devices as $d_data) {
$d_key = $d_data['type_name'];
$d_key .= $d_data['subtype_id'] != 0 ? ':' . $d_data['subtype_name'] : '';
$all_devices[$d_key] = $d_data['type_id'] . ':' . $d_data['subtype_id'];
}
//Allowed sensors
$filters = array('where' => "acl_sensors.entity_id = UNHEX('{$ctx}')");
$a_sensors = Av_sensor::get_basic_list($conn, $filters);
$sensor_ids = array_keys($a_sensors);
if (count($sensor_ids) == 0) {
$summary['general']['status'] = 'error';
$s_error_msg = Session::is_pro() ? _('There is no sensors for this context') : _('There is no sensors for this IP address');
$summary['general']['data'] = $s_error_msg;
$summary['general']['statistics']['errors'] = 1;
return $summary;
}
Util::disable_perm_triggers($conn, TRUE);
foreach ($data as $k => $v) {
//Clean previous errors
ossim_clean_error();
$num_line = $k + 1;
//Set default status
$summary['by_hosts'][$num_line]['status'] = 'error';
//Check file format
$cnd_1 = $import_type == 'hosts' && count($v) < 9;
$cnd_2 = $import_type == 'welcome_wizard_hosts' && count($v) < 5;
if ($cnd_1 || $cnd_2) {
$summary['by_hosts'][$num_line]['errors']['Format'] = _('Number of fields is incorrect');
$summary['general']['statistics']['errors']++;
continue;
}
//Clean values
$param = array();
$index = 0;
$max_index = count($v) - 1;
foreach ($v as $field) {
$parameter = trim($field);
if ($index == 0) {
$pattern = '/^\\"|^\'/';
$param[] = preg_replace($pattern, '', $parameter);
} else {
if ($index == $max_index) {
$pattern = '/\\"$|\'$/';
$param[] = preg_replace($pattern, '', $parameter);
} else {
$param[] = $parameter;
}
}
$index++;
}
//Values
$is_in_db = FALSE;
$host_id = '';
$sensors = $sensor_ids;
$csv_ips = preg_replace("/\\s+/", '', $param[0]);
if (!empty($param[1])) {
$name = $param[1];
} else {
$aux_name = str_replace(' ', '', $csv_ips);
$aux_name = str_replace(',', '-', $aux_name);
$name = Asset_host::get_autodetected_name($aux_name);
}
if ($import_type == 'hosts') {
$fqdns = $param[2];
$descr = $param[3];
$asset_value = !empty($param[4]) ? $param[4] : 2;
if (preg_match('/Host ID/', $csv_headers[8])) {
$os = $param[5];
$latitude = floatval($param[6]);
$longitude = floatval($param[7]);
$external = empty($param[9]) ? 0 : intval($param[9]);
$csv_devices = $param[10];
} else {
$os = $param[6];
$latitude = floatval($param[7]);
$longitude = floatval($param[8]);
$external = 0;
$csv_devices = '';
}
} else {
$descr = $param[2];
$os = $param[3];
$latitude = 0;
$longitude = 0;
$asset_value = 2;
$external = 0;
$csv_devices = $param[4];
}
//Permissions
$can_i_create_assets = Session::can_i_create_assets();
$can_i_modify_ips = TRUE;
//IPs
if (!ossim_valid($csv_ips, OSS_IP_ADDR, 'illegal:' . _('IP'))) {
$summary['by_hosts'][$num_line]['errors']['IP'] = ossim_get_error_clean();
$summary['general']['statistics']['errors']++;
continue;
}
//Check Host ID: Is there a host registered in the System?
$host_ids = Asset_host::get_id_by_ips($conn, $csv_ips, $ctx);
$host_id = key($host_ids);
if (!empty($host_id)) {
$is_in_db = TRUE;
} else {
$host_id = Util::uuid();
}
// Special case: Forced Host ID [Version 4.x.x or higher]
if ($import_type == 'hosts' && preg_match('/Host ID/', $csv_headers[8]) && valid_hex32($param[8])) {
$csv_hosts_id = strtoupper($param[8]);
if ($is_in_db == TRUE && $csv_hosts_id != $host_id) {
$id_error_msg = _('Host is already registered in the System with another Host ID');
$summary['by_hosts'][$num_line]['errors']['Host'] = $id_error_msg;
$summary['general']['statistics']['errors']++;
continue;
} else {
if ($is_in_db == FALSE) {
$host_id = $csv_hosts_id;
// Save host ID to insert it
}
}
}
//Hostname
if (!empty($iic)) {
$name = clean_iic($name);
}
if (!ossim_valid($name, OSS_HOST_NAME, 'illegal:' . _('Hostname'))) {
ossim_clean_error();
$name = Asset_host::create_valid_name($name);
$warning_msg = _('Hostname does not match with RFC 1123 specifications') . '<br/>' . _('Hostname will be replaced by') . ": <strong>{$name}</strong>";
$summary['by_hosts'][$num_line]['warnings']['Hostname'] = $warning_msg;
$summary['by_hosts'][$num_line]['status'] = 'warning';
$summary['general']['statistics']['warnings']++;
if (!ossim_valid($name, OSS_HOST_NAME, 'illegal:' . _('Hostname'))) {
unset($summary['by_hosts'][$num_line]['warnings']);
$summary['general']['statistics']['warnings']--;
$summary['by_hosts'][$num_line]['status'] = 'error';
$summary['by_hosts'][$num_line]['errors']['Hostname'] = ossim_get_error_clean();
$summary['general']['statistics']['errors']++;
continue;
}
}
//Description
if (!ossim_valid($descr, OSS_NULLABLE, OSS_ALL, 'illegal:' . _('Description'))) {
$summary['by_hosts'][$num_line]['errors']['Description'] = ossim_get_error_clean();
$summary['general']['statistics']['errors']++;
continue;
} else {
if (mb_detect_encoding($descr . ' ', 'UTF-8,ISO-8859-1') == 'UTF-8') {
$descr = mb_convert_encoding($descr, 'HTML-ENTITIES', 'UTF-8');
}
}
//Operating System
$os_pattern = '/' . preg_quote(implode('|', $all_os), '/') . '/';
$os_pattern = str_replace('\\|', '|', $os_pattern);
if (!empty($os) && !preg_match($os_pattern, $os)) {
$warning_msg = _('Operating System unknown');
$summary['by_hosts'][$num_line]['warnings']['Operating System'] = $warning_msg;
$summary['by_hosts'][$num_line]['status'] = 'warning';
$summary['general']['statistics']['warnings']++;
$os = 'Unknown';
}
//Devices Types
$devices = array();
$unallowed_devices = array();
if (!empty($csv_devices)) {
$aux_devices = explode(',', $csv_devices);
if (is_array($aux_devices) && !empty($aux_devices)) {
foreach ($aux_devices as $d_name) {
$d_name = trim($d_name);
if (array_key_exists($d_name, $all_devices)) {
$devices[] = $all_devices[$d_name];
} else {
$unallowed_devices[] = $d_name;
}
}
if (!empty($unallowed_devices)) {
$warning_msg = _('Some devices could not be added (Type and/or subtype unknown)') . ': ' . implode(',', $unallowed_devices);
$summary['by_hosts'][$num_line]['warnings']['Devices'] = $warning_msg;
$summary['by_hosts'][$num_line]['status'] = 'warning';
$summary['general']['statistics']['warnings']++;
}
}
}
//Sensor
if ($is_in_db == FALSE) {
//Only update host sensors with unregistered hosts
if ($import_type == 'hosts' && preg_match('/Sensors/', $csv_headers[5])) {
//Special case: Sensors in CSV file //[Version 3.x.x]
$sensors = array();
$_sensors = explode(',', $param[4]);
if (is_array($_sensors) && !empty($_sensors)) {
$_sensors = array_flip($_sensors);
if (is_array($a_sensors) && !empty($a_sensors)) {
foreach ($a_sensors as $s_id => $s_data) {
if (array_key_exists($s_data['ip'], $_sensors)) {
$sensors[] = $s_id;
}
}
}
}
if (!is_array($sensors) || empty($sensors)) {
$s_error_msg = Session::is_pro() ? _('There is no sensors for this context') : _('There is no sensors for this IP address');
$summary['by_hosts'][$num_line]['errors']['Sensors'] = $s_error_msg;
$summary['general']['statistics']['errors']++;
continue;
}
}
}
/***********************************************************
********** Only for importation from host section **********
***********************************************************/
if ($import_type == 'hosts') {
//FQDNs
if (!ossim_valid($fqdns, OSS_FQDNS, OSS_NULLABLE, 'illegal:' . _('FQDN/Aliases'))) {
$summary['by_hosts'][$num_line]['errors']['FQDN/Aliases'] = ossim_get_error_clean();
$summary['general']['statistics']['errors']++;
continue;
}
//Asset
if (!ossim_valid($asset_value, OSS_DIGIT, 'illegal:' . _('Asset value'))) {
$summary['by_hosts'][$num_line]['errors']['Asset value'] = ossim_get_error_clean();
$summary['general']['statistics']['errors']++;
continue;
}
//Latitude
if (!empty($latitude)) {
if (!ossim_valid(trim($latitude), OSS_NULLABLE, OSS_DIGIT, OSS_DOT, '\\-', 'illegal:' . _('Latitude'))) {
$summary['by_hosts'][$num_line]['errors']['Latitude'] = ossim_get_error_clean();
$summary['general']['statistics']['errors']++;
continue;
}
}
//Longitude
if (!empty($longitude)) {
if (!ossim_valid(trim($longitude), OSS_NULLABLE, OSS_DIGIT, OSS_DOT, '\\-', 'illegal:' . _('Longitude'))) {
$summary['by_hosts'][$num_line]['errors']['Longitude'] = ossim_get_error_clean();
$summary['general']['statistics']['errors']++;
continue;
}
}
}
//Insert/Update host in database
if (count($summary['by_hosts'][$num_line]['errors']) == 0) {
try {
$host = new Asset_host($conn, $host_id);
if ($is_in_db == TRUE) {
$host->load_from_db($conn, $host_id);
$can_i_modify_ips = Asset_host::can_i_modify_ips($conn, $host_id);
} else {
if ($can_i_create_assets == FALSE) {
$n_error_msg = _('Host') . ' ' . $name . ' ' . _("not allowed. You don't have permissions to import this host");
$summary['by_hosts'][$num_line]['errors']['Net'] = $n_error_msg;
$summary['general']['statistics']['errors']++;
continue;
}
}
//Check IPs
if ($can_i_modify_ips == TRUE) {
$aux_ips = explode(',', $csv_ips);
foreach ($aux_ips as $ip) {
$host_ids = Asset_host::get_id_by_ips($conn, $ip, $ctx);
unset($host_ids[$host_id]);
if (!empty($host_ids)) {
$c_error_msg = _('IP') . ' ' . $csv_ips . ' ' . _("not allowed. IP {$ip} already exists for this entity");
$summary['by_hosts'][$num_line]['errors']['IP'] = $c_error_msg;
$summary['general']['statistics']['errors']++;
break;
} else {
$cnd_1 = Session::get_net_where() != '' && !Session::only_ff_net();
$cnd_2 = Asset_host::is_ip_in_cache_cidr($conn, $ip, $ctx, TRUE);
if ($cnd_1 && !$cnd_2) {
$c_error_msg = sprintf(_("Error! The IP %s is not allowed. Please check with your account admin for more information"), $csv_ips);
$summary['by_hosts'][$num_line]['errors']['IP'] = $c_error_msg;
$summary['general']['statistics']['errors']++;
break;
}
}
}
} else {
$c_error_msg = _('Host') . ' ' . $name . ': ' . _("IP address not allowed. IP address cannot be modified");
$summary['by_hosts'][$num_line]['status'] = 'warning';
$summary['general']['warnings']['errors']++;
$summary['by_hosts'][$num_line]['warnings']['IP'] = $c_error_msg;
}
//Setting new values
if (count($summary['by_hosts'][$num_line]['errors']) == 0) {
$host->set_ctx($ctx);
$host->set_name($name);
$host->set_descr($descr);
if ($is_in_db == FALSE) {
if ($can_i_modify_ips == TRUE) {
if (is_array($aux_ips) && !empty($aux_ips)) {
$ips = array();
foreach ($aux_ips as $ip) {
$ips[$ip] = array('ip' => $ip, 'mac' => NULL);
}
$host->set_ips($ips);
}
}
$host->set_sensors($sensors);
}
if (!empty($fqdns)) {
$host->set_fqdns($fqdns);
}
$host->set_external($external);
$host->set_location($latitude, $longitude);
$host->set_asset_value($asset_value);
$host->set_devices($devices);
$host->save_in_db($conn, FALSE);
//Save Operating System
if (!empty($os)) {
Asset_host_properties::save_property_in_db($conn, $host_id, 3, $os, 2);
}
$summary['general']['statistics']['saved']++;
$summary['by_hosts'][$num_line]['data'] = $is_in_db == TRUE ? _('Asset updated') : _('New asset inserted');
//Keep warnings
if ($summary['by_hosts'][$num_line]['status'] != 'warning') {
$summary['by_hosts'][$num_line]['status'] = 'success';
}
}
} catch (Exception $e) {
$summary['by_hosts'][$num_line]['errors']['Database error'] = $e->getMessage();
$summary['general']['statistics']['errors']++;
}
}
}
if ($summary['general']['statistics']['saved'] > 0) {
if ($summary['general']['statistics']['errors'] == 0) {
$summary['general']['status'] = 'success';
$summary['general']['data'] = _('All assets have been successfully imported ');
} else {
$summary['general']['status'] = 'warning';
$summary['general']['data'] = _('Some assets cannot be imported');
}
Util::disable_perm_triggers($conn, FALSE);
try {
Asset_host::report_changes($conn, 'hosts');
} catch (Exception $e) {
Av_exception::write_log(Av_exception::USER_ERROR, $e->getMessage());
}
} else {
$summary['general']['statistics']['errors'] = count($data);
//CSV file is not empty, but all lines are wrong
if (empty($summary['general']['status'])) {
$summary['general']['status'] = 'error';
$summary['general']['data'] = _('Assets cannot be imported');
}
}
@$conn->Execute("REPLACE INTO alienvault.host_net_reference SELECT host.id,net_id FROM alienvault.host, alienvault.host_ip, alienvault.net_cidrs WHERE host.id = host_ip.host_id AND host_ip.ip >= net_cidrs.begin AND host_ip.ip <= net_cidrs.end");
$db->close();
return $summary;
}
public static function startDigest()
{
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Digest realm="' . self::getRealm() . '",qop="auth",nonce="' . Util::uuid() . '",opaque="' . self::getRealm() . '"');
}
$_SESSION["pid" . GET('pid')] = $_GET['sids_str'];
}
}
exit;
}
$db = new ossim_db();
$conn = $db->connect();
//
// Insert new
//
if (GET('action') == 'new') {
$imported_plugins = get_checked_plugins($_POST);
list($name, $descr, $plugins) = validate_post_params($conn, POST('name'), POST('descr'), POST('sids'), $imported_plugins);
// Insert section
//
$group_id = Util::uuid();
Plugin_group::insert($conn, $group_id, $name, $descr, $plugins, $imported_plugins);
header("Location: modifyplugingroupsform.php?action=edit&id={$group_id}");
exit;
//
// Edit group
//
} elseif (GET('action') == 'edit') {
//print_r(POST('sids'));
//print_r($_SESSION);
$imported_plugins = get_checked_plugins($_POST);
list($name, $descr, $plugins) = validate_post_params($conn, POST('name'), POST('descr'), POST('sids'), $imported_plugins);
$group_id = GET('id');
ossim_valid($group_id, OSS_HEX, 'illegal:ID');
if (ossim_error()) {
die(ossim_error());
$result = Av_sensor::get_ip_by_id($dbconn, $asset);
break;
case 'get_system_uuid':
$result = Util::get_encryption_key();
break;
case 'get_varhex':
$result = bin2hex(inet_pton($asset));
break;
case 'insert_host':
list($hostip, $ctx, $hostname, $aliases) = explode('|', base64_decode($asset));
$hostid = key(Asset_host::get_id_by_ips($dbconn, $hostip, $ctx));
if (!Asset_host::is_in_db($dbconn, $hostid)) {
list($sensor_list, $total) = Av_sensor::get_list($dbconn, array('where' => "acl_sensors.entity_id=UNHEX('{$ctx}')"));
$sensors = array_keys($sensor_list);
try {
$hostid = Util::uuid();
Util::disable_perm_triggers($dbconn, TRUE);
$host = new Asset_host($dbconn, $hostid);
$host->set_name($hostname);
$host->set_ctx($ctx);
$host_ip = array();
$ips[$hostip] = array('ip' => $hostip, 'mac' => NULL);
$host->set_ips($ips);
$host->set_sensors($sensors);
$host->set_fqdns($aliases);
$host->save_in_db($dbconn);
} catch (Exception $e) {
$result = 'Impossible to save the host';
}
} else {
$result = 'The host already exists.';
echo ossim_error(_("You don't have permissions to upload maps"));
exit;
}
$name = POST('name');
$flag_close = FALSE;
$validation_errors = array();
if (isset($_POST['upload'])) {
$validate = array('name' => array('validation' => 'OSS_INPUT', 'e_message' => 'illegal:' . _('Map Name')));
$validation_errors = validate_form_fields('POST', $validate);
if (!is_array($validation_errors) || empty($validation_errors)) {
$db = new ossim_db();
$conn = $db->connect();
$config = new User_config($conn);
$user = Session::get_session_user();
if (is_uploaded_file($_FILES['map_file']['tmp_name'])) {
$map_id = strtoupper(Util::uuid());
$filename = "maps/map{$map_id}.jpg";
if (getimagesize($_FILES['map_file']['tmp_name'])) {
move_uploaded_file($_FILES['map_file']['tmp_name'], $filename);
if (!Session::am_i_admin()) {
//If I am not an admin, I will add, as default, permission to see and edit the map to the current user.
$query = "INSERT IGNORE INTO risk_maps (map, perm, name) VALUES (UNHEX(?),?,?)";
$params = array($map_id, $user, $name);
$conn->Execute($query, $params);
} else {
//If I am an admin user, I will add permission to see the map to everyone and only edit permission to the admin.
$query = "INSERT IGNORE INTO risk_maps (map, perm, name) VALUES (UNHEX(?),'0', ?)";
$params = array($map_id, $name);
$conn->Execute($query, $params);
}
$_SESSION['map_new']['error'] = FALSE;
public function __construct($sSessionKey = null)
{
if (static::isPersistent()) {
if ($sSessionKey === null) {
$this->sPersistentSessionKey = get_class($this);
if (!call_user_func(array($this->sPersistentSessionKey, 'isSingleton'))) {
$this->sPersistentSessionKey .= "_" . Util::uuid();
}
} else {
$this->sPersistentSessionKey = $sSessionKey;
}
Session::getSession()->setArrayAttributeValueForKey(self::WIDGET_SESSION_KEY, $this->sPersistentSessionKey, $this);
}
}
function insert_host($conn, $data)
{
$ips = preg_replace('/\\s*/', '', $data['ip']);
$name = utf8_decode($data['name']);
list($os, $dtype) = explode("_", $data['type']);
// Type
ossim_valid($ips, OSS_IP_ADDR, 'illegal:' . _("IP"));
ossim_valid($name, OSS_HOST_NAME, 'illegal:' . _("Name"));
ossim_valid($os, OSS_NULLABLE, OSS_ALPHA, 'illegal:' . _("OS"));
ossim_valid($dtype, OSS_NULLABLE, OSS_ALPHA, 'illegal:' . _("Device Type"));
check_ossim_error();
$ips = explode(',', $ips);
foreach ($ips as $ip) {
$h_ip[$ip] = array('ip' => $ip, 'mac' => NULL);
}
//Insert the New Host
$uuid = Util::uuid();
$sensor_ip = Util::get_default_admin_ip();
$sensor = Av_sensor::get_id_by_ip($conn, $sensor_ip);
$host = new Asset_host($conn, $uuid);
$host->set_ips($h_ip);
$host->set_name($name);
$host->set_sensors(array($sensor));
$host->save_in_db($conn);
// Device Type
if ($dtype == 'networkdevice') {
Asset_host_devices::save_device_in_db($conn, $uuid, 4);
}
// OS
if ($os == 'windows' || $os == 'linux') {
Asset_host_properties::save_property_in_db($conn, $uuid, 3, ucfirst($os), 1, TRUE);
}
$response['error'] = FALSE;
$response['data'] = array();
return $response;
}
function save_filter($conn, $filters, $data)
{
//Getting the number of filters to be applied of the group
$cont = $filters->get_num_filter_added();
//We need at least one, otherwise we show an error.
if ($cont < 1) {
$return['error'] = TRUE;
$return['msg'] = _('At least one filter needed');
return $return;
}
$name = utf8_decode($data['name']);
$descr = utf8_decode($data['descr']);
ossim_valid($name, OSS_NOECHARS, OSS_ALPHA, OSS_PUNC, 'illegal:' . _('Group Name'));
ossim_valid($descr, OSS_ALPHA, OSS_NULLABLE, OSS_PUNC, OSS_AT, OSS_NL, 'illegal:' . _('Description'));
if (ossim_error()) {
$response['error'] = TRUE;
$response['msg'] = ossim_get_error();
ossim_clean_error();
return $response;
}
//Trying to save the filters, in case of error an exception will arise
try {
$new_id = Util::uuid();
$ctx = Session::get_default_ctx();
$group = new Asset_group($new_id);
$group->set_name($name);
$group->set_descr($descr);
$group->set_ctx($ctx);
$group->save_in_db($conn);
$group->save_assets_from_search($conn);
$filters->empty_filter_search($conn);
$return['error'] = FALSE;
$return['id'] = $new_id;
$return['msg'] = 'ok';
Asset_filter_list::delete_filters_from_session();
} catch (Exception $e) {
$return['error'] = TRUE;
$return['msg'] = $e->getMessage();
}
return $return;
}
unset($_ctx);
}
}
if (!empty($id) && Asset_host::is_in_db($conn, $id)) {
ossim_valid($id, OSS_HEX, 'illegal:' . _('Asset ID'));
if (ossim_error()) {
echo ossim_error(_('Error! Asset not found'));
exit;
}
$asset = new Asset_host($conn, $id);
$asset->load_from_db($conn);
$is_in_db = 1;
$is_editable = Asset_host::can_i_modify_ips($conn, $id) ? 'yes' : 'no_ip';
} else {
//New asset or asset has been deleted but there are some instances in the system (SIEM, alarms, ...)
$id = valid_hex32($id) ? $id : Util::uuid();
$asset = new Asset_host($conn, $id);
if (isset($_ip) && isset($_ctx)) {
$asset->set_ctx($_ctx);
$ext_ips[$_ip] = array('ip' => $_ip, 'mac' => NULL);
$asset->set_ips($ext_ips);
}
}
//Getting asset data
$id = $asset->get_id();
$ctx = $asset->get_ctx();
$_ips = $asset->get_ips();
$ips = $_ips->get_ips();
if (is_array($ips) && !empty($ips)) {
$ips = array_keys($ips);
}
$data['general']['status'] = 'success';
$data['general']['data'] = _('Hosts saved successfully');
foreach ($data['by_host'] as $h_key => $h_data) {
if ($h_data['status'] == 'warning') {
$data['general']['status'] = 'warning';
$data['general']['data'] = _('Hosts saved with warnings');
break;
}
}
} else {
$data['general']['status'] = 'warning';
$data['general']['data'] = _('Warning! Some hosts could not be saved');
}
//Create a Asset Group
if (!empty($group_name)) {
$new_group_id = Util::uuid();
$group = new Asset_group($new_group_id);
$group->set_name($group_name);
$group->set_ctx($ctx);
$group->save_in_db($conn);
$group->save_assets_from_list($conn, $data['general']['hosts_in_group']);
}
}
/*
echo '<pre style="white-space: pre;">';
print_r($data);
print_r($scan_results);
echo '</pre>';
*/
//Showing scan results
?>
private function cleanupFormatTags()
{
$aTags = array();
if (isset($this->aModuleSettings['blockformats'])) {
foreach ($this->aModuleSettings['blockformats'] as $mFormat) {
if (is_string($mFormat)) {
$mFormat = array('element' => $mFormat);
}
$sKey = 'format_' . Util::uuid();
$this->setSetting($sKey, $mFormat);
$aTags[] = $mFormat['element'];
}
unset($this->aModuleSettings['blockformats']);
}
if (count($aTags) == 0) {
$this->setSetting('format_tags', 'p;h1;h2;h3;h4;h5;h6;pre;address;div');
} else {
$this->setSetting('format_tags', implode(';', $aTags));
}
}
parent.show_error("<?php
echo $conn_snort->ErrorMsg();
?>
");
</script>
<?php
exit;
}
while (!$rs->EOF) {
$ip = $rs->fields['ip'];
$ctx = $rs->fields['ctx'];
$ids = Asset_host::get_id_by_ips($conn_aux, $ip, $ctx);
if (empty($hosts_in_db[$ip][$ctx]) && empty($ids)) {
if ($mode == 'insert') {
try {
$id = Util::uuid();
$hostname = Asset_host::get_autodetected_name($ip);
$ips = array();
$ips[$ip] = array('ip' => $ip, 'mac' => NULL);
$sensors = array($rs->fields['sensor_id']);
$conn_aux = $db->connect();
$host = new Asset_host($conn_aux, $id);
Util::disable_perm_triggers($conn_aux, TRUE);
$host->set_name($hostname);
$host->set_ctx($ctx);
$host->set_ips($ips);
$host->set_sensors($sensors);
$host->save_in_db($conn_aux, FALSE);
$hosts_in_db[$ip][$ctx] = $ip;
?>
<script type="text/javascript">
</head>
<body>
<?php
if (POST('insert')) {
if ($data['status'] == 'error') {
$txt_error = "<div>" . _('The following errors occurred') . ":</div>\n \t\t\t\t\t <div style='padding: 2px 10px 5px 10px;'>" . implode("<br/>", $validation_errors) . "</div>";
$config_nt = array('content' => $txt_error, 'options' => array('type' => 'nf_error', 'cancel_button' => FALSE), 'style' => 'width: 80%; margin: 20px auto; text-align: left;');
$nt = new Notification('nt_1', $config_nt);
$nt->show();
Util::make_form('POST', 'newsensorform.php');
exit;
}
$db = new ossim_db();
$conn = $db->connect();
$new_id = Util::uuid();
try {
$new = new Av_Sensor($new_id);
$new->set_properties(array('version' => '', 'has_nagios' => 0, 'has_ntop' => 1, 'has_vuln_scanner' => 1, 'has_kismet' => 0));
$new->set_name($sname);
$new->set_ip($ip);
$new->set_priority($priority);
$new->set_port($port);
$new->set_tzone($tzone);
$new->set_descr($descr);
foreach ($entities as $ctx) {
$new->add_new_ctx($ctx, $ctx);
}
$new->save_in_db($conn);
if ($location != '') {
Locations::insert_related_sensor($conn, $location, $new_id);
}
$data['status'] = 'OK';
$data['data'] = $validation_errors;
//I am checking form parameters
if (POST('ajax_validation_all') == TRUE) {
if (is_array($validation_errors) && !empty($validation_errors)) {
$data['status'] = 'error';
}
} else {
try {
// Update tag
if (!empty($tag_id) && Tag::is_in_db($conn, $tag_id)) {
$tag = Tag::get_object($conn, $tag_id);
$success_msg = _('Label successfully updated');
} else {
$tag_id = Util::uuid();
$tag = new Tag($tag_id);
$success_msg = _('Label successfully created');
}
$tag->set_name(trim($tag_name));
$tag->set_type($tag_type);
$tag->set_class($tag_class);
$tag->save_in_db($conn);
$data['status'] = 'OK';
$data['data'] = $success_msg;
} catch (\Exception $e) {
$error_msg = $e->getMessage();
if (empty($error_msg)) {
$error_msg = _('Sorry, operation was not completed due to an error when processing the request');
}
$data['status'] = 'error';
function import_assets_from_csv($filename, $iic, $ctx, $import_type)
{
//Process status
$summary = array('general' => array('status' => '', 'data' => '', 'statistics' => array('total' => 0, 'warnings' => 0, 'errors' => 0, 'saved' => 0)), 'by_nets' => array());
$db = new ossim_db();
$conn = $db->connect();
$str_data = file_get_contents($filename);
if ($str_data === FALSE) {
$summary['general']['status'] = 'error';
$summary['general']['data']['errors'] = _('Failed to read data from CSV file');
$summary['general']['statistics']['errors'] = 1;
return $summary;
}
$array_data = preg_split('/\\n|\\r/', $str_data);
foreach ($array_data as $k => $v) {
if (trim($v) != '') {
$data[] = explode('";"', trim($v));
}
}
set_time_limit(360);
/*********************************************************************************************************************
* From net section:
* - Version 4.x.x: "Netname"*;"CIDRs(CIDR1,CIDR2,...)"*;"Description";"Asset value"*;"Net ID"
* - Version 3.x.x: "Netname"*;"CIDRs(CIDR1,CIDR2,...)"*;"Description";"Asset value";"Sensors(Sensor1,Sensor2,...)"*
*
* From welcome wizard:
* - Version 4.x.x: "Netname"*;"CIDRs(CIDR1,CIDR2,...)"*;"Description"
*
*********************************************************************************************************************/
//Check file size
if (count($data) <= 0 || count($data) == 1 && preg_match('/Netname/', $data[0][0])) {
$summary['general']['status'] = 'error';
$summary['general']['data'] = _('CSV file is empty');
$summary['general']['statistics']['errors'] = 1;
return $summary;
}
//Check importation type and headers
$csv_headers = array();
if ($import_type == 'networks') {
if (preg_match('/Net ID/', $data[0][4]) || preg_match('/Sensors/', $data[0][4])) {
$csv_headers = array_shift($data);
} else {
$summary['general']['status'] = 'error';
$summary['general']['data'] = _('Headers not found');
$summary['general']['statistics']['errors'] = 1;
return $summary;
}
}
//Setting total nets to import
$summary['general']['statistics']['total'] = count($data);
//Allowed sensors
$filters = array('where' => "acl_sensors.entity_id = UNHEX('{$ctx}')");
$a_sensors = Av_sensor::get_basic_list($conn, $filters);
$sensor_ids = array_keys($a_sensors);
if (count($sensor_ids) == 0) {
$summary['general']['status'] = 'error';
$s_error_msg = Session::is_pro() ? _('There is no sensor for this context') : _('There is no sensor for this net');
$summary['general']['data'] = $s_error_msg;
$summary['general']['statistics']['errors'] = 1;
return $summary;
}
Util::disable_perm_triggers($conn, TRUE);
foreach ($data as $k => $v) {
//Clean previous errors
ossim_clean_error();
$num_line = $k + 1;
//Set default status
$summary['by_nets'][$num_line]['status'] = 'error';
//Check file format
$cnd_1 = $import_type == 'networks' && count($v) < 5;
$cnd_2 = $import_type == 'welcome_wizard_nets' && count($v) < 3;
if ($cnd_1 || $cnd_2) {
$summary['by_nets'][$num_line]['errors']['Format'] = _('Number of fields is incorrect');
$summary['general']['statistics']['errors']++;
continue;
}
//Clean values
$param = array();
foreach ($v as $field) {
$parameter = trim($field);
$pattern = '/^\\"|\\"$|^\'|\'$/';
$param[] = preg_replace($pattern, '', $parameter);
}
//Values
$is_in_db = FALSE;
$net_id = '';
$name = $param[0];
$cidrs = preg_replace("/[\n\r\t]+/", '', $param[1]);
$descr = $param[2];
$asset_value = $param[3] == '' ? 2 : intval($param[3]);
$sensors = $sensor_ids;
//Permissions
$can_i_create_assets = Session::can_i_create_assets();
$can_i_modify_ips = TRUE;
//CIDRs
if (!ossim_valid($cidrs, OSS_IP_CIDR, 'illegal:' . _('CIDR'))) {
$summary['by_nets'][$num_line]['errors']['CIDRs'] = ossim_get_error_clean();
$summary['general']['statistics']['errors']++;
continue;
}
//Check Net ID �Is there a net registered in the System?
$net_ids = Asset_net::get_id_by_ips($conn, $cidrs, $ctx);
$net_id = key($net_ids);
if (!empty($net_id)) {
$is_in_db = TRUE;
} else {
$net_id = Util::uuid();
}
// Special case: Forced Net ID [Version 4.x.x]
if ($import_type == 'networks' && preg_match('/Net ID/', $csv_headers[4])) {
$csv_net_id = strtoupper($param[4]);
if ($is_in_db == TRUE && $csv_net_id != $net_id) {
$id_error_msg = _('Net is already registered in the System with another Net ID');
$summary['by_nets'][$num_line]['errors']['Net'] = $id_error_msg;
$summary['general']['statistics']['errors']++;
continue;
}
}
//Netname
if (!empty($iic)) {
$name = clean_iic($name);
}
if (!ossim_valid($name, OSS_NOECHARS, OSS_NET_NAME, 'illegal:' . _('Netname'))) {
ossim_clean_error();
$name = clean_iic($name);
$name = clean_echars($name);
$warning_msg = _('Netname has invalid characters') . '<br/>' . _('Netname will be replaced by') . ": <strong>{$name}</strong>";
$summary['by_nets'][$num_line]['warnings']['Netname'] = $warning_msg;
$summary['by_nets'][$num_line]['status'] = 'warning';
$summary['general']['statistics']['warnings']++;
if (!ossim_valid($name, OSS_NOECHARS, OSS_NET_NAME, 'illegal:' . _('Netname'))) {
unset($summary['by_nets'][$num_line]['warnings']);
$summary['general']['statistics']['warnings']--;
$summary['by_nets'][$num_line]['status'] = 'error';
$summary['by_nets'][$num_line]['errors']['Netname'] = ossim_get_error_clean();
$summary['general']['statistics']['errors']++;
continue;
}
}
//Description
if (!ossim_valid($descr, OSS_NULLABLE, OSS_AT, OSS_TEXT, '\\t', 'illegal:' . _('Description'))) {
$summary['by_nets'][$num_line]['errors']['Description'] = ossim_get_error_clean();
$summary['general']['statistics']['errors']++;
continue;
} else {
if (mb_detect_encoding($descr . ' ', 'UTF-8,ISO-8859-1') == 'UTF-8') {
$descr = mb_convert_encoding($descr, 'HTML-ENTITIES', 'UTF-8');
}
}
//Sensor
if ($is_in_db == FALSE) {
//Only update net sensors with unregistered nets
if ($import_type == 'networks' && preg_match('/Sensors/', $csv_headers[4])) {
//Special case: Sensors in CSV file //[Version 3.x.x]
$sensors = array();
$_sensors = explode(',', $param[4]);
if (is_array($_sensors) && !empty($_sensors)) {
$_sensors = array_flip($_sensors);
if (is_array($a_sensors) && !empty($a_sensors)) {
foreach ($a_sensors as $s_id => $s_data) {
if (array_key_exists($s_data['ip'], $_sensors)) {
$sensors[] = $s_id;
}
}
}
}
if (!is_array($sensors) || empty($sensors)) {
$s_error_msg = Session::is_pro() ? _('There is no sensors for this context') : _('There is no sensors for this IP');
$summary['by_nets'][$num_line]['errors']['Sensors'] = $s_error_msg;
$summary['general']['statistics']['errors']++;
continue;
}
}
}
/***********************************************************
********** Only for importation from net section **********
***********************************************************/
if ($import_type == 'networks') {
//Asset
if (!ossim_valid($asset_value, OSS_DIGIT, 'illegal:' . _('Asset value'))) {
$summary['by_nets'][$num_line]['errors']['Asset value'] = ossim_get_error_clean();
$summary['general']['statistics']['errors']++;
continue;
}
}
//Insert/Update net in database
if (count($summary['by_nets'][$num_line]['errors']) == 0) {
try {
$net = new Asset_net($net_id);
if ($is_in_db == TRUE) {
$net->load_from_db($conn, $net_id);
$can_i_modify_ips = Asset_net::can_i_modify_ips($conn, $net_id);
} else {
if ($can_i_create_assets == FALSE) {
$n_error_msg = _('Net') . ' ' . $name . ' ' . _("not allowed. You don't have permissions to import this net");
$summary['by_nets'][$num_line]['errors']['Net'] = $n_error_msg;
$summary['general']['statistics']['errors']++;
continue;
}
}
//Check CIDRs
if ($can_i_modify_ips == TRUE) {
$aux_cidr = explode(',', $cidrs);
foreach ($aux_cidr as $cidr) {
$net_ids = Asset_net::get_id_by_ips($conn, $cidr, $ctx);
unset($net_ids[$net_id]);
if (!empty($net_ids)) {
$c_error_msg = _('CIDR') . ' ' . $cidrs . ' ' . _("not allowed. CIDR {$cidr} already exists for this entity");
$summary['by_nets'][$num_line]['errors']['CIDRs'] = $c_error_msg;
$summary['general']['statistics']['errors']++;
break;
} else {
if (Session::get_net_where() != '') {
if (!Asset_net::is_cidr_in_my_nets($conn, $cidr, $ctx)) {
$c_error_msg = _('CIDR') . ' ' . $cidrs . ' ' . _("not allowed. CIDR {$cidr} out of range. Check your asset filter");
$summary['by_nets'][$num_line]['errors']['CIDRs'] = $c_error_msg;
$summary['general']['statistics']['errors']++;
break;
}
}
}
}
} else {
$c_error_msg = _('Net') . ' ' . $name . ': ' . _("CIDRs not allowed. CIDRs wasn't be modified");
$summary['by_nets'][$num_line]['status'] = 'warning';
$summary['general']['warnings']['errors']++;
$summary['by_nets'][$num_line]['warnings']['CIDRs'] = $c_error_msg;
}
//Setting new values
if (count($summary['by_nets'][$num_line]['errors']) == 0) {
$net->set_ctx($ctx);
$net->set_name($name);
$net->set_descr($descr);
if ($is_in_db == FALSE) {
if ($can_i_modify_ips == TRUE) {
$net->set_ips($cidrs);
}
$net->set_sensors($sensors);
}
$net->set_asset_value($asset_value);
$net->save_in_db($conn, FALSE);
$summary['general']['statistics']['saved']++;
$summary['by_nets'][$num_line]['data'] = $is_in_db == TRUE ? _('Net updated') : _('New new inserted');
//Keep warnings
if ($summary['by_nets'][$num_line]['status'] != 'warning') {
$summary['by_nets'][$num_line]['status'] = 'success';
}
}
} catch (Exception $e) {
$summary['by_nets'][$num_line]['errors']['Database error'] = $e->getMessage();
$summary['general']['statistics']['errors']++;
}
}
}
if ($summary['general']['statistics']['saved'] > 0) {
if ($summary['general']['statistics']['errors'] == 0) {
$summary['general']['status'] = 'success';
$summary['general']['data'] = _('All nets have been imported successfully');
} else {
$summary['general']['status'] = 'warning';
$summary['general']['data'] = _('Some nets could not be imported successfully');
}
Util::disable_perm_triggers($conn, FALSE);
try {
Asset_net::report_changes($conn, 'nets');
} catch (Exception $e) {
error_log($e->getMessage(), 0);
}
} else {
$summary['general']['statistics']['errors'] = count($data);
//CSV file is not empty, but all lines are wrong
if (empty($summary['general']['status'])) {
$summary['general']['status'] = 'error';
$summary['general']['data'] = _('Nets could not be imported');
}
}
$db->close();
return $summary;
}
<td class='left'><?php
echo _('Name');
?>
:</td>
<td class='left'>
<input type='text' class='ne1' size='30' id='description' name='description'/>
</td>
</tr>
<tr>
<td class='left'><?php
echo _('Map File');
?>
:</td>
<td class='left'>
<input type='hidden' name='name' value="map<?php
echo strtoupper(Util::uuid());
?>
">
<input type='file' size='22' id='ficheromap' name='ficheromap'/>
</td>
</tr>
<tr>
<td colspan="2" style='padding: 20px 0px; text-align:center;'>
<input type='submit' value="<?php
echo _('Upload');
?>
"/>
</td>
</tr>
</table>
</form>