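// Block list administration page. A POST that carries "host" flips one block
// list's isActive flag and ends the request; any other request loads every
// block list for display.
class_exists('Setup', false) or (include 'classes/Setup.class.php');
class_exists('Utilities', false) or (include 'classes/Utilities.class.php');
class_exists('_MySQL', false) or (include 'classes/_MySQL.class.php');

// Visitors without a session are redirected to the login form.
if (Utilities::isLoggedIn() === false) {
    header('Location: login.php?location=' . urlencode('hosts.php'));
    exit;
}

$host = array_key_exists('host', $_POST) ? $_POST['host'] : '';
$toggle = array_key_exists('toggle', $_POST) ? (int) $_POST['toggle'] : 0;
$titlePreFix = "Block Lists";
$user = Utilities::getAccount();

$mysql = new _MySQL();
$mysql->connect(Setup::$connectionArray);

if ($host !== '') {
    // The row is addressed by md5(host), so only a 32-character hex digest can
    // ever match. Anything else, including a host[]=... array that would
    // otherwise reach escape() as a non-string, is dropped before the database
    // is touched.
    $digest = is_string($host) ? trim($host) : '';
    if (preg_match('/^[a-f0-9]{32}$/i', $digest) === 1) {
        // $toggle was cast to int above: 0 deactivates, any other value activates.
        $isActive = ($toggle === 0) ? '0' : '1';
        $mysql->runQuery(
            "\n\t\t\tupdate blockLists\n\t\t\tset isActive = '" . $isActive . "'"
            . "\n\t\t\twhere md5(host) = '" . $mysql->escape($digest) . "'"
        );
    }
    // NOTE(review): this state-changing POST is gated only by isLoggedIn() in
    // the visible code; no anti-CSRF token is checked here. Confirm one is
    // enforced elsewhere.
    // A toggle request never renders the page.
    exit;
}

$sql = "\nselect *\nfrom blockLists\norder by isActive desc, blocksToday desc\n";
$rs = $mysql->runQuery($sql);

include 'header.inc.php';
include 'accountSubnav.inc.php';
?>
<script src="js/jquery.tablesorter.min.js"></script>
<script>
$(document).ready(function() {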
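// Tail of the account-settings handler; the enclosing loop and conditionals
// open before this excerpt. Each address list is rebuilt so that only entries
// accepted by Utilities::isValidEmail() are stored.
if (Utilities::isValidEmail($e)) {
    $noticeEmailAddresses .= "{$e}\n";
}
}

$ta = explode("\n", $textMessageEmails);
$textMessageEmails = "";
foreach ($ta as $e) {
    $e = trim($e);
    if (Utilities::isValidEmail($e)) {
        $textMessageEmails .= "{$e}\n";
    }
}

//TODO: make sure blacklists are domains with an ip address on them
if (count($message) === 0) {
    // No validation messages were collected, so the settings are persisted.
    // twitterHandle is assigned once; the repeated assignments of the same
    // value were redundant.
    // NOTE(review): the username value is shown masked ('******') on this
    // page; it should be bound through $mysql->escape() like the other columns.
    // NOTE(review): this UPDATE has no WHERE clause, so it rewrites every row
    // in users. That is only safe if the table holds exactly one account -
    // confirm.
    // NOTE(review): $disableEmailNotices is interpolated unquoted and
    // unescaped; it is assigned outside this excerpt. Confirm it is forced to
    // an integer before it gets here.
    $mysql->runQuery(
        "\n\t\t\tupdate users set username = '******',"
        . "\n\t\t\tpasswd = '" . $mysql->escape($passwdOld) . "',"
        . "\n\t\t\tapiKey = '" . $mysql->escape($apiKey) . "',"
        . "\n\t\t\ttwitterHandle = '" . $mysql->escape($twitterHandle) . "',"
        . "\n\t\t\tlastUpdate = '" . date('Y-m-d H:i:s') . "',"
        . "\n\t\t\tnoticeEmailAddresses = '" . $mysql->escape(trim($noticeEmailAddresses)) . "',"
        . "\n\t\t\ttextMessageEmails = '" . $mysql->escape(trim($textMessageEmails)) . "',"
        . "\n\t\t\tapiCallbackURL = '" . $mysql->escape($apiCallbackURL) . "',"
        . "\n\t\t\tcheckFrequency = '" . $mysql->escape($checkFrequency) . "',"
        . "\n\t\t\tdisableEmailNotices = {$disableEmailNotices}\n\t\t\t"
    );

    if ($beenChecked == 1) {
        // Also unscoped: clears beenChecked on every row of users.
        $mysql->runQuery("update users set beenChecked = 0");
        $message[] = "Check scheduled.";
    }

    if ($twitterHandle != '') {
        $t = new Twitter();
        $t->follow($twitterHandle);
    }

    $message[] = "Account updated.";
}
}

$user = Utilities::getAccount();
if (!$user) {
    //invalid account
    echo "<script>window.location='login.php?logout=1';</script>";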
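// Monitor group editor: deletes a group, saves a new or existing group, or
// loads one group for the form. $params, $id and $groupName are assigned
// before this excerpt.
$domains = array_key_exists('domains', $params) ? trim(strtolower($params['domains'])) : '';
$ips = array_key_exists('ips', $params) ? trim($params['ips']) : '';
$deleteGroup = array_key_exists('deleteGroup', $params) ? trim($params['deleteGroup']) : '';

$mysql = new _MySQL();
$mysql->connect(Setup::$connectionArray);

// The id is placed in SQL without quotes, so it is forced to an integer here
// rather than relying on how it was assigned upstream.
$groupId = (int) $id;

if ($deleteGroup != '') {
    // NOTE(review): where $params comes from is not visible here. If it can be
    // filled from the query string, this delete is reachable by a plain GET and
    // needs a POST plus anti-CSRF check - confirm.
    $mysql->runQuery("delete from monitorGroup where id = {$groupId}");
    $mysql->runQuery("delete from monitors where monitorGroupId = {$groupId}");
    echo "<script>window.location='monitorGroup.php';</script>";
    exit;
}

if (isset($_POST["submit"])) {
    //TODO: make sure blacklists are domains with an ip address on them
    if ($id !== 0) {
        // Existing group: update it in place.
        $mysql->runQuery(
            "\n\t\t\tupdate monitorGroup set groupName = '" . $mysql->escape($groupName) . "',"
            . "\n\t\t\t\tips = '" . $mysql->escape($ips) . "',"
            . "\n\t\t\t\tdomains = '" . $mysql->escape($domains) . "'"
            . "\n\t\t\twhere id = {$groupId}\n\t\t\t"
        );
    } else {
        // New group: insert it and continue with the id reported by the connection.
        $mysql->runQuery(
            "\n\t\t\tinsert into monitorGroup set groupName = '" . $mysql->escape($groupName) . "',"
            . "\n\t\t\t\tips = '" . $mysql->escape($ips) . "',"
            . "\n\t\t\t\tdomains = '" . $mysql->escape($domains) . "'\n\t\t\t"
        );
        $id = $mysql->identity;
    }

    Utilities::updateDomains($domains, $id);
    Utilities::updateIPs($ips, $id);
    echo "<script>window.location='monitorGroup.php';</script>";
    exit;
}

// Empty defaults are used when no row matches the id.
$group = array('groupName' => '', 'ips' => '', 'domains' => '');
$rs = $mysql->runQuery("select * from monitorGroup where id = {$groupId}");
// MYSQLI_ASSOC is the constant that belongs to mysqli_fetch_array();
// MYSQL_ASSOC came from the removed mysql extension and is undefined on PHP 7+.
while ($row = mysqli_fetch_array($rs, MYSQLI_ASSOC)) {
    $group = $row;
}

include 'header.inc.php';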
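/**
 * Checks a login against the users table.
 *
 * When $apiKey is non-blank the API key alone decides the outcome; otherwise
 * the user name and the MD5 of the password must both match a row.
 *
 * NOTE(review): passwords are stored and compared as unsalted MD5. Moving to
 * password_hash()/password_verify() needs a schema and data migration, so it
 * is flagged here rather than changed.
 * NOTE(review): $api is not consulted, so any caller that forwards a
 * request-supplied $apiKey accepts it in place of a password. Confirm that
 * this is intended for every call site.
 *
 * @param string $userName Account name to check.
 * @param string $passwd   Clear-text password; hashed here before comparison.
 * @param bool   $api      Unused by this method.
 * @param string $apiKey   API key; takes precedence over the password when non-blank.
 *
 * @return int 1 when a matching row exists, 0 otherwise (also when the query fails).
 */
public static function validateLogin($userName, $passwd, $api = false, $apiKey = '')
{
    $mysql = new _MySQL();
    $mysql->connect(Setup::$connectionArray);

    $sql = "\n\t\tselect username\n\t\tfrom users\n\t\twhere ";
    if (trim($apiKey) != '') {
        $sql .= " apiKey = '" . $mysql->escape($apiKey) . "'";
    } else {
        // The page shows the user name compared with the masked literal
        // '******', which leaves $userName out of the query entirely: any row
        // with a matching password hash would pass. Bind the argument instead.
        $sql .= " passwd = '" . $mysql->escape(md5($passwd)) . "' "
            . "\n\t\t\tand username = '" . $mysql->escape($userName) . "'";
    }

    $rs = $mysql->runQuery($sql);

    // Fail closed: a failed query yields no result set and therefore no login.
    // MYSQLI_ASSOC replaces MYSQL_ASSOC, which is undefined once the old mysql
    // extension is gone (PHP 7+).
    $id = 0;
    if ($rs && mysqli_fetch_array($rs, MYSQLI_ASSOC)) {
        $id = 1;
    }

    $mysql->close();

    return $id;
}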
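exit;
}

// Command-line job: re-checks the host passed with -h against the configured
// blacklists and writes the outcome back to its monitors row. The guard that
// closes above opens before this excerpt.
$dir = dirname(dirname(__FILE__));
class_exists('Setup', false) or (include $dir . '/classes/Setup.class.php');
class_exists('Utilities', false) or (include $dir . '/classes/Utilities.class.php');
class_exists('_MySQL', false) or (include $dir . '/classes/_MySQL.class.php');
class_exists('_Logging', false) or (include $dir . '/classes/_Logging.class.php');

$options = getopt("h:");
$options['h'] = isset($options['h']) ? trim($options['h']) : '';
if ($options['h'] == '') {
    _Logging::appLog("monitorJob called without params");
    exit;
}

$mysql = new _MySQL();
$mysql->connect(Setup::$connectionArray);

$rs = $mysql->runQuery(
    "\n\tselect *\n\tfrom monitors\n\twhere ipDomain = '" . $mysql->escape($options['h']) . "'"
);

// MYSQLI_ASSOC is the constant that belongs to mysqli_fetch_array();
// MYSQL_ASSOC is undefined once the old mysql extension is gone (PHP 7+).
$monitor = null;
while ($row = mysqli_fetch_array($rs, MYSQLI_ASSOC)) {
    $monitor = $row;
}

// Without this guard an unknown host left $monitor undefined, and the lookups
// and the UPDATE below ran against an empty ipDomain.
if ($monitor === null) {
    _Logging::appLog("monitorJob called for a host that is not monitored");
    exit;
}

// get blacklists
Utilities::setBlockLists();
if (empty(Utilities::$domainBlacklists) === true && empty(Utilities::$ipBlacklists) === true) {
    _Logging::appLog("no blacklists configured");
    exit;
}

//update monitor
// NOTE(review): the result is stored with serialize(). Whatever reads the
// status column back must not hand it to unserialize() if anything other than
// this job can write that column - confirm, or move both sides to JSON.
$result = serialize(Utilities::checkBlacklists($monitor['ipDomain']));
// Forced to an integer because it is placed in the SQL without quotes; a
// boolean false would otherwise interpolate as an empty string.
$isBlocked = (int) Utilities::$isBlocked;
$rdns = Utilities::lookupHostDNS($monitor['ipDomain']);
$ctime = date('Y-m-d H:i:s');

$mysql->runQuery(
    "\nupdate monitors\nset\nlastStatusChanged = 0,"
    . "\nrDNS = '" . $mysql->escape($rdns) . "', "
    . "\nisBlocked = {$isBlocked},"
    . "\nlastUpdate = '{$ctime}', "
    . "\nstatus = '" . $mysql->escape($result) . "' "
    . "\nwhere ipDomain = '" . $mysql->escape($monitor['ipDomain']) . "'\n"
);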
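// Last case of the sort-order switch, which opens before this excerpt.
$orderSQL .= " lastStatusChangeTime desc ";
break;
}

// Host listing: the WHERE clause is assembled from the group, host-type and
// search filters, then the page chrome and counters are loaded.
if ($monitorGroupId != 0) {
    // The id goes into the SQL without quotes, so it is forced to an integer
    // here; $monitorGroupId is assigned outside this excerpt and a loose
    // comparison with 0 does not prove that it is numeric.
    $searchSQL .= " and monitorGroupId = " . ((int) $monitorGroupId) . " ";
}

// Only the two known host types add a filter; any other value adds nothing.
switch ($hostType) {
    case 'domains':
        $hostTypeSQL .= " and isDomain = 1 ";
        break;
    case 'ips':
        $hostTypeSQL .= " and isDomain = 0 ";
        break;
}

if ($searchS != '') {
    // Escaped once and reused for all three columns. escape() guards the
    // string literal only; % and _ typed by the user still act as LIKE
    // wildcards.
    $needle = $mysql->escape($searchS);
    $searchSQL .= " and (\n\t\tipDomain like '%" . $needle . "%' "
        . "\n\t\tor rDNS like '%" . $needle . "%'"
        . "\n\t\tor status like '%" . $needle . "%' ) ";
}

// NOTE(review): $orderSQL and $limitSQL are built outside this excerpt and
// are interpolated as raw SQL. Confirm they are assembled from fixed fragments
// and integers only.
$sql = "\nselect m.isBlocked, m.lastUpdate, m.ipDomain, m.lastStatusChangeTime, m.rDNS, m.status, g.groupName, g.id\nfrom monitors m \n\tinner join monitorGroup g on g.id = m.monitorGroupId\nwhere 1=1 {$hostTypeSQL} {$searchSQL}\n{$orderSQL}\n{$limitSQL}\n";
$rs = $mysql->runQuery($sql);

include 'header.inc.php';
include 'accountSubnav.inc.php';

$hostsCount = Utilities::getHostCount($mysql, $monitorGroupId);
$hostsCountError = Utilities::getHostErrorCount($mysql, $monitorGroupId);
?>
<script src="js/jquery.tablesorter.min.js"></script>
<script>
$(document).ready(function() {
    $("#hostTable").tablesorter();
    $(".reportType").change(function() {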
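// History page for one monitored host, limited to the retention window set in
// Setup::$settings['history_keep_days'].
class_exists('Setup', false) or (include 'classes/Setup.class.php');
class_exists('Utilities', false) or (include 'classes/Utilities.class.php');
class_exists('_MySQL', false) or (include 'classes/_MySQL.class.php');

// Only a plain string is accepted for "host"; a host[]=... array would
// otherwise be handed to trim() and later to escape().
$rawHost = array_key_exists('host', $_GET) ? $_GET['host'] : '';
$host = is_string($rawHost) ? trim($rawHost) : '';

if (Utilities::isLoggedIn() === false) {
    header('Location: login.php?location=' . urlencode('hosts.php'));
    exit;
}

// NOTE(review): $host is request input and is copied into the page title
// here. Confirm that header.inc.php HTML-escapes $titlePreFix before printing
// it; the escaping is not visible in this excerpt.
$titlePreFix = "history | {$host}";
$user = Utilities::getAccount();

$mysql = new _MySQL();
$mysql->connect(Setup::$connectionArray);

// Rows older than the cutoff date are left out of the result.
$daysOfHistory = Setup::$settings['history_keep_days'];
$cutoffDate = date('Y-m-d', strtotime("-{$daysOfHistory} days"));

$sql = "\nselect isBlocked,monitorTime,rDNS,status\nfrom monitorHistory\nwhere ipDomain = '" . $mysql->escape($host) . "'\n\tand monitorTime >= '" . $mysql->escape($cutoffDate) . "'\norder by monitorTime desc\n";
$rs = $mysql->runQuery($sql);
?>
<?php
include 'header.inc.php';
include 'accountSubnav.inc.php';
?>
<script src="js/jquery.tablesorter.min.js"></script>
<script>
$(document).ready(function() {
    $("#hostTable").tablesorter();
} );
</script>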