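/**
 * Validate the POSTed data-source group form fields.
 *
 * @param object $conn          DB connection handed to Plugin_sid::get_sidscount_by_id().
 * @param string $name          Group name (required).
 * @param string $descr         Group description (may be empty).
 * @param mixed  $sids          Map plugin id => comma-separated sid list, "ANY" or '';
 *                              anything that is not an array is treated as empty.
 * @param mixed  $imported_sids Sids arriving through the import path; only their
 *                              presence matters here, a non-array counts as empty.
 *
 * @return array [$name, $descr, $plugins] where $plugins maps plugin id => "0"
 *               (meaning every sid of that plugin) or the validated sid list.
 *
 * Terminates the request with die() when any validation error is pending.
 */
function validate_post_params($conn, $name, $descr, $sids, $imported_sids)
{
    $vals = array(
        'name'  => array(OSS_INPUT, 'illegal:' . _("Name")),
        'descr' => array(OSS_TEXT, OSS_NULLABLE, 'illegal:' . _("Description")),
    );

    ossim_valid($name, $vals['name']);
    ossim_valid($descr, $vals['descr']);

    $plugins       = array();
    $sids          = is_array($sids) ? $sids : array();
    $imported_sids = is_array($imported_sids) ? $imported_sids : array();

    // A single plugin picked via 'pluginid' means "all sids of that plugin".
    // Key the entry by the integer-cast value so a non-numeric suffix in the
    // raw POST value cannot become part of the plugin id.
    $pluginid = intval(POST('pluginid'));
    if ($pluginid > 0) {
        $sids[$pluginid] = "0";
    }

    foreach ($sids as $plugin => $sids_str) {
        if ($sids_str === '') {
            continue;
        }

        list($valid, $data) = Plugin_sid::validate_sids_str($sids_str);
        if (!$valid) {
            // First bad list aborts the loop; the error is reported below.
            ossim_set_error(_("Error for data source ") . $plugin . ': ' . $data);
            break;
        }

        if ($sids_str === "ANY") {
            $sids_str = "0";
        } else {
            // Selecting every sid of the plugin collapses to "0" (= all).
            $aux      = count(explode(',', $sids_str));
            $total    = Plugin_sid::get_sidscount_by_id($conn, $plugin);
            $sids_str = ($aux == $total) ? "0" : $sids_str;
        }

        $plugins[$plugin] = $sids_str;
    }

    if (!count($plugins) && !count($imported_sids)) {
        ossim_set_error(_("No Data Sources or Event Types selected"));
    }

    if (ossim_error()) {
        die(ossim_error());
    }

    return array($name, $descr, $plugins);
}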
/**
 * Render a minimal XHTML error page with a "Back" button and stop the request.
 *
 * @param string|null $msg    Message registered through ossim_set_error() before
 *                            printing; when empty, whatever ossim_error() already
 *                            holds is printed instead.
 * @param string|null $append Extra markup echoed after the "Back" button.
 *                            NOTE(review): it is echoed verbatim, so callers must
 *                            only pass trusted, already-escaped HTML.
 *
 * @return void Never returns: exit is called once the page is written.
 */
function die_error($msg = null, $append = null)
{
    ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <title> <?php echo gettext("OSSIM Framework"); ?> </title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <meta http-equiv="Pragma" content="no-cache"/> <link rel="stylesheet" type="text/css" href="../style/style.css"/> </head> <body> <?php
    // Only override the pending error when a message was actually given.
    if ($msg) {
        ossim_set_error($msg);
    }
    echo ossim_error();
    echo '<table class="noborder transparent" align="center"> <tr> <td class="nobborder"><input type="button" value="' . _("Back") . '" class="button" onclick="javascript:history.back()"/></td> </tr> </table>';
    echo $append;
    ?> </body> </html> <?php
    exit;
}
} else {
    $tip_target[] = $target;
}
} else {
    // Plain dotted-quad, optionally with a /prefix. The pattern only bounds
    // the digit counts (octets up to 999, prefix up to 99); it is not a
    // strict IPv4/CIDR range check.
    if (preg_match("/^\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}(\\/\\d{1,2})?\$/", $target)) {
        $tip_target[] = $target;
    } else {
        // Otherwise the entry is expected as "<asset id>#<target>".
        // NOTE(review): without a '#' explode() yields one element and
        // $ip_target is left unset — confirm callers never pass that shape.
        list($asset_id, $ip_target) = explode("#", $target);

        ossim_set_error(FALSE);
        ossim_valid($asset_id, OSS_HEX, OSS_NULLABLE, 'illegal: Asset id'); // asset id
        if (ossim_error()) {
            $target_error = FALSE;
            $validation_errors[] = _('Invalid asset id') . ': ' . $asset_id;
        }

        ossim_set_error(FALSE);
        ossim_valid($ip_target, OSS_NULLABLE, OSS_DIGIT, OSS_SPACE, OSS_SCORE, OSS_ALPHA, OSS_PUNC, '\\.\\,\\/\\!', 'illegal:' . _("Target"));
        if (ossim_error()) {
            $target_error = FALSE;
            $validation_errors[] = _('Invalid target') . ': ' . $ip_target;
        }

        // NOTE(review): $target_error is initialised outside this fragment.
        // A failed check sets it to FALSE, and the push below runs when it is
        // FALSE, so a rejected entry appears to land in $tip_target as well
        // (the request is still flagged through $validation_errors).
        // Verify the intended polarity before relying on $tip_target alone.
        if (!$target_error) {
            $tip_target[] = str_replace('!', '', $target);
        }
    }
}
}

$ip_list = $tip_target; // validated targets

if (count($tip_target) == 0) {
    $validation_errors[] = _('Invalid Targets');
*
 * On Debian GNU/Linux systems, the complete text of the GNU General
 * Public License can be found in `/usr/share/common-licenses/GPL-2'.
 *
 * Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
 *
 */
require_once dirname(__FILE__) . '/../../conf/config.inc';

Session::logcheck('environment-menu', 'EventsHidsConfig');

// The sensor id comes from the request: it must be hex and the session must
// be allowed to use that sensor before it is remembered in $_SESSION.
$sensor_id = POST('sensor_id');
ossim_valid($sensor_id, OSS_HEX, 'illegal:' . _('Sensor ID'));

if (!ossim_error()) {
    $db   = new ossim_db();
    $conn = $db->connect();
    if (!Ossec_utilities::is_sensor_allowed($conn, $sensor_id)) {
        ossim_set_error(_('Error! Sensor not allowed'));
    }
    $db->close();
}

if (ossim_error()) {
    // '2###' prefix marks an error reply; the cleaned error text follows.
    echo '2###' . _('We found the followings errors') . ": <div style='padding-left: 15px; text-align:left;'>" . ossim_get_error_clean() . '</div>';
    exit;
}

//Current sensor
$_SESSION['ossec_sensor'] = $sensor_id;

// '1###' prefix marks a successful reply.
echo '1###';

try {
    $rules = Ossec::get_rule_files($sensor_id, FALSE);
    // NOTE(review): $options_e / $options_ne are appended to without being
    // initialised in this fragment — confirm they are set earlier in the file.
    $options_e .= "<optgroup label='" . _('Editable rule file') . "'>\n";
    $options_ne .= "<optgroup label='" . _('Rules files read-only') . "'>\n";
    foreach ($rules as $rule) {
// Entity-encode the search term only when it is UTF-8.
$search = mb_detect_encoding($search . " ", 'UTF-8,ISO-8859-1') == 'UTF-8' ? Util::utf8entities($search) : $search;
$search = trim($search);

switch ($field) {
    case 'ip':
        ossim_valid($search, OSS_IP_ADDR, 'illegal:' . _('IP'));
        $search = escape_sql($search, $conn);
        // NOTE(review): "AND ip like ... OR hostname like ..." carries no
        // parentheses, so the OR branch is evaluated against the whole
        // preceding WHERE clause, not just the ip condition; a hostname match
        // would bypass any earlier filter in that clause. Wrapping it as
        // " AND (ip like '%{$search}%' OR hostname like '%{$search}%')"
        // is the likely intent.
        $where = " AND ip like '%{$search}%' OR hostname like '%{$search}%'";
        break;

    case 'user':
    case 'hostname':
        // $field is one of the two literal case labels here, so it is safe as
        // a column name; the value is validated, then escaped for the query.
        ossim_valid($search, OSS_NOECHARS, OSS_SCORE, OSS_LETTER, OSS_DIGIT, OSS_DOT, 'illegal:' . _("{$field}"));
        $search = escape_sql($search, $conn);
        $where = " AND {$field} like '%{$search}%'";
        break;

    default:
        ossim_set_error(_("Error in the 'Quick Search Field' field (missing required field)"));
}
}

// Remaining request parameters; any pending error aborts with an empty
// <rows> document before the query is built.
ossim_valid($sensor, OSS_HEX, 'illegal:' . _('Sensor'));
ossim_valid($sortname, ",", OSS_ALPHA, OSS_SCORE, OSS_NULLABLE, 'illegal:' . _('Order Name'));
ossim_valid($sortorder, OSS_LETTER, OSS_SCORE, OSS_NULLABLE, 'illegal:' . _('Sort Order'));
ossim_valid($field, OSS_ALPHA, OSS_PUNC, OSS_NULLABLE, 'illegal:' . _('Field'));
ossim_valid($page, OSS_DIGIT, 'illegal:' . _('Page'));
ossim_valid($rp, OSS_DIGIT, 'illegal:' . _('Rp'));

if (ossim_error()) {
    $db->close();
    echo "<rows>\n<page>1</page>\n<total>0</total>\n</rows>\n";
    exit;
}

$sensor = escape_sql($sensor, $conn);
$sortname = !empty($sortname) ? $sortname : "hostname";
$dbconn->SetFetchMode(ADODB_FETCH_BOTH);
$version = $conf->get_conf("ossim_server_version");
list($arruser, $user) = Vulnerabilities::get_users_and_entities_filter($dbconn);

// Raw request values. Only $key is passed through ossim_valid() in this
// fragment — NOTE(review): confirm $ipl and $treport are validated before use.
$ipl = $_GET['ipl'];
$treport = $_GET['treport'];
$key = $_GET['key'];

// Each check resets the error state before the next one so a single
// failing parameter aborts with its own message.
ossim_valid($scantime, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("Scantime"));
if (ossim_error()) {
    die(_("Invalid Scantime"));
}
ossim_set_error(false);

ossim_valid($scantype, OSS_ALPHA, 'illegal:' . _("Scan Type"));
if (ossim_error()) {
    die(_("Invalid Scan Type"));
}
ossim_set_error(false);

ossim_valid($key, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("Key"));
if (ossim_error()) {
    die(_("Invalid Key"));
}

// Check if exists _feed tables
// NOTE(review): $report_id is interpolated unquoted into this query and is
// assigned outside this fragment — confirm it is digit-validated upstream.
$query = "SELECT sid FROM vuln_nessus_reports WHERE report_id in ({$report_id})";
$profile = $dbconn->GetOne($query);
$feed = $profile == "-1" && exists_feed_tables($dbconn) ? "_feed" : "";

$perms_where = Session::get_ctx_where() != "" ? " AND ctx in (" . Session::get_ctx_where() . ")" : "";
$dbconn->SetFetchMode(ADODB_FETCH_BOTH);

if ($scansubmit != "") {
    // $scantype was validated as OSS_ALPHA above. NOTE(review): $scansubmit
    // is not validated in this fragment but is interpolated into the query
    // — verify it is checked before this point.
    $query = "SELECT r.report_id FROM vuln_nessus_reports r,vuln_jobs j \n WHERE r.report_id=j.report_id AND j.scan_SUBMIT='{$scansubmit}'\n AND scantype='{$scantype}'" . (empty($arruser) ? "" : " AND r.username in ({$user})");
    $result = $dbconn->execute($query);
    while (!$result->EOF) {
        list($report_id) = $result->fields;
// Space-separated target list. Note that explode() never returns an empty
// array, so an empty string gives [''] and is rejected by the IP check in
// the loop rather than by the "missing required field" branch.
$targets = explode(' ', $targets);

if (is_array($targets) && count($targets) > 0) {
    $targets_string = array();

    foreach ($targets as $target) {
        // Validate UUID#IP or IP, other cases will fail
        $_target = explode('#', $target);

        if (count($_target) == 1) {
            $_target_ip = $_target[0];
            ossim_valid($_target_ip, OSS_IP_ADDRCIDR, 'illegal:' . _('Asset IP'));
        } elseif (count($_target) == 2) {
            $_target_ip = $_target[1];
            $_target_id = $_target[0];
            ossim_valid($_target_ip, OSS_IP_ADDRCIDR, 'illegal:' . _('Asset IP'));
            ossim_valid($_target_id, OSS_HEX, 'illegal:' . _('Asset ID'));
        } else {
            ossim_set_error(_('Asset not allowed'));
        }

        // The first invalid entry stops the loop; the error text is stripped
        // of tags because it is reported back to the form.
        if (ossim_error()) {
            $validation_errors['assets[]'] = strip_tags(ossim_get_error_clean());
            break;
        } else {
            //IP_CIDR and ID is pushed
            array_push($targets_string, $target);
        }
    }

    // Entries accepted before a break (if any) are still joined here; the
    // caller is expected to check $validation_errors before using $targets_p.
    $targets_p = implode(' ', $targets_string);
} else {
    $validation_errors['assets[]'] = _("Error in the 'Target selection' field (missing required field)");
}
}

if (is_array($validation_errors) && !empty($validation_errors)) {
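/**
 * Validate the POSTed data-source group form fields.
 *
 * @param string $name          Group name (required).
 * @param string $descr         Group description (may be empty).
 * @param mixed  $sids          Map plugin id => comma-separated sid list, "ANY" or '';
 *                              anything that is not an array is treated as empty.
 * @param mixed  $imported_sids Sids arriving through the import path; only their
 *                              presence matters here, a non-array counts as empty.
 *
 * @return array [$name, $descr, $plugins] where $plugins maps plugin id => "0"
 *               (meaning "ANY") or the validated sid list.
 *
 * Terminates the request with die() when any validation error is pending.
 */
function validate_post_params($name, $descr, $sids, $imported_sids)
{
    $vals = array(
        'name'  => array(OSS_INPUT, 'illegal:' . _("Name")),
        'descr' => array(OSS_TEXT, OSS_NULLABLE, 'illegal:' . _("Description")),
    );

    ossim_valid($name, $vals['name']);
    ossim_valid($descr, $vals['descr']);

    $plugins       = array();
    $sids          = is_array($sids) ? $sids : array();
    $imported_sids = is_array($imported_sids) ? $imported_sids : array();

    // A single plugin picked via 'pluginid' means "all sids of that plugin".
    // Key the entry by the integer-cast value so a non-numeric suffix in the
    // raw POST value cannot become part of the plugin id.
    $pluginid = intval(POST('pluginid'));
    if ($pluginid > 0) {
        $sids[$pluginid] = "0";
    }

    foreach ($sids as $plugin => $sids_str) {
        if ($sids_str === '') {
            continue;
        }

        // validate_sids_str() is a file-level helper: [bool $valid, string $detail].
        list($valid, $data) = validate_sids_str($sids_str);
        if (!$valid) {
            // First bad list aborts the loop; the error is reported below.
            ossim_set_error(_("Error for data source ") . $plugin . ': ' . $data);
            break;
        }

        if ($sids_str === "ANY") {
            $sids_str = "0";
        }

        $plugins[$plugin] = $sids_str;
    }

    if (!count($plugins) && !count($imported_sids)) {
        ossim_set_error(_("No Data Sources or Event Types selected"));
    }

    if (ossim_error()) {
        die(ossim_error());
    }

    return array($name, $descr, $plugins);
}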
<?php } ?> <tr> <td colspan="4" align="center" style="height:30px" class='noborder'> <a href="newincidenttypeform.php" class="buttonlink"><?php echo gettext("New custom Ticket Type"); ?> </a> </td> </tr> </table> <?php } else { $error = _("Error to connect to the database. Please, try again."); ossim_set_error($error); echo "<div style='width:80%; margin:auto;'>" . ossim_error() . "</div>"; } ?> </body> </html> <?php $db->close($conn); ?>
ossim_valid($pass, OSS_PASSWORD, 'illegal:' . _('Password'));
ossim_valid($pass1, OSS_PASSWORD, 'illegal:' . _('Repeat Password'));
if (ossim_error()) {
    die(ossim_error());
}
// NOTE(review): $pass1 is validated but not compared with $pass in this
// fragment — confirm the "passwords match" check happens elsewhere.

//Check password policy
// Lengths are byte lengths (strlen). $pass_length_min / $pass_length_max are
// defined outside this fragment. Only the first failing rule is reported.
$pp_1 = strlen($pass) < $pass_length_min;
$pp_2 = strlen($pass) > $pass_length_max;
$pp_3 = Session::pass_check_complexity($pass) == FALSE;

if ($pp_1 || $pp_2 || $pp_3) {
    if ($pp_1 == TRUE) {
        ossim_set_error(sprintf(_('Password is not long enough [Minimum password size is %s]'), $pass_length_min));
    } elseif ($pp_2 == TRUE) {
        ossim_set_error(sprintf(_('Password is too long [Maximum password size is %s]'), $pass_length_max));
    } elseif ($pp_3 == TRUE) {
        ossim_set_error(_("The password does not meet the password complexity requirements [Password should contain lowercase and uppercase letters, digits and special characters]"));
    }
    if (ossim_error()) {
        die(ossim_error());
    }
}

$config = new Config();
$first_login = '******';

//Update admin info
list($db, $conn) = Ossim_db::get_conn_db();

// Fixed command string: no request data reaches the shell here.
$local_tz = trim(Util::execute_command('head -1 /etc/timezone', FALSE, 'string'));

// NOTE(review): the literal 'pass' looks like a placeholder for the password
// argument, with the real value set by change_pass() below — confirm.
Session::update_user_light($conn, AV_DEFAULT_ADMIN, 'pass', $fullname, $email, $company, '', 'en_GB', 0, 1, $local_tz);
if ($company != '') {
    Session::update_default_entity_name($conn, $company);
}
Session::change_pass($conn, AV_DEFAULT_ADMIN, $pass);
/**
 * Validate the data-source group form (group id, name, description, plugin sids).
 *
 * Unlike the die()-ing validators elsewhere, this one hands the pending
 * ossim_error() value back as the last tuple element and lets the caller
 * decide how to report it.
 *
 * @param object      $conn          DB connection for the name-uniqueness and sid-count lookups.
 * @param string      $name          Group name; must not collide with an existing group.
 * @param string      $descr         Description, may be empty.
 * @param mixed       $sids          plugin id => "ANY", '' or "a,b,c"; a non-array counts as empty.
 * @param array       $imported_sids Sids coming from the import path; only their presence matters.
 * @param string|null $group_id      Hex id of the group being edited, NULL when creating.
 *
 * @return array [$group_id, $name, $descr, $plugins, $error] where $plugins maps
 *               plugin id => "0" (every sid) or the validated list, and $error is
 *               what ossim_error() reports once validation is done.
 */
function validate_post_params($conn, $name, $descr, $sids, $imported_sids, $group_id = NULL)
{
    $rules = array(
        'name'     => array(OSS_INPUT, 'illegal:' . _("Name")),
        'descr'    => array(OSS_ALL, OSS_NULLABLE, 'illegal:' . _("Description")),
        'group_id' => array(OSS_HEX, OSS_NULLABLE, 'illegal:' . _("Group ID")),
    );

    ossim_valid($group_id, $rules['group_id']);
    ossim_valid($name, $rules['name']);

    // Uniqueness is only looked up when the basic checks passed.
    $name_is_taken = !ossim_error() && !Plugin_group::is_valid_group_name($conn, $name, $group_id);
    if ($name_is_taken) {
        $name = Util::htmlentities($name);
        ossim_set_error(sprintf(_("DS group name '<strong>%s</strong>' already exists"), $name));
    }

    ossim_valid($descr, $rules['descr']);

    $selected = is_array($sids) ? $sids : array();
    $plugins  = array();

    // A single plugin picked via 'pluginid' selects all of its sids.
    $single_plugin = intval(POST('pluginid'));
    if ($single_plugin > 0) {
        $selected[$single_plugin] = "0";
    }

    foreach ($selected as $plugin => $sid_list) {
        if ($sid_list === '') {
            continue;
        }

        list($ok, $detail) = Plugin_sid::validate_sids_str($sid_list);
        if (!$ok) {
            ossim_set_error(_("Error for data source ") . $plugin . ': ' . $detail);
            break;
        }

        if ($sid_list == "ANY") {
            $plugins[$plugin] = "0";
            continue;
        }

        // Picking every sid of the plugin is stored as "0" (= all).
        $picked    = count(explode(',', $sid_list));
        $available = Plugin_sid::get_sidscount_by_id($conn, $plugin);
        $plugins[$plugin] = ($picked == $available) ? "0" : $sid_list;
    }

    if (!count($plugins) && !count($imported_sids)) {
        ossim_set_error(_("No Data Sources or Event Types selected"));
    }

    return array($group_id, $name, $descr, $plugins, ossim_error());
}
$validation_errors = validate_form_fields('GET', $validate);

// Ajax reply: 1 = invalid send method, 0 = every field valid, otherwise the
// first error message.
if ($validation_errors == 1) {
    echo 1;
} else {
    if (empty($validation_errors)) {
        echo 0;
    } else {
        echo $validation_errors[0];
    }
}
exit;
} else {
$validation_errors = validate_form_fields('POST', $validate);

ossim_valid($id, OSS_NULLABLE, OSS_DIGIT, 'illegal:' . _("Id"));
if (ossim_error()) {
    // NOTE(review): what gets pushed is the return value of ossim_set_error(),
    // not the message — confirm it returns the message. Also, $id reaches
    // this branch precisely because it failed the digit check, yet it is
    // embedded raw in HTML; escape it (htmlspecialchars) before rendering.
    $validation_errors[] = ossim_set_error(_("Invalid credential id") . "<br/>Entered id: '<strong>{$id}</strong>'");
}

// Collect every reason the form is rejected: bad send method, field errors,
// or the two password fields differing.
if ($validation_errors == 1 || is_array($validation_errors) && !empty($validation_errors) || $pass_ct != $pass_ct2) {
    $error = true;
    $message_error = array();

    if ($pass_ct != $pass_ct2) {
        $message_error[] = _("Password fields are different");
    }

    if (is_array($validation_errors) && !empty($validation_errors)) {
        $message_error = array_merge($message_error, $validation_errors);
    } else {
        if ($validation_errors == 1) {
            $message_error[] = _("Invalid send method");
        }
    }
}
/**
 * Back-fill incident.in_charge, date, last_update, status and priority from
 * each incident's ticket history, inside a single ADOdb transaction.
 *
 * Per incident row: an empty in_charge is taken from the newest ticket
 * (preferring its 'transferred' user, defaulting to ACL_DEFAULT_OSSIM_ADMIN
 * when there are no tickets); the creation date is moved back to the first
 * ticket's date when that is earlier; a zero last_update and an 'Open'
 * status are replaced by the newest ticket's values; priority follows the
 * newest ticket and is clamped to 1..10. The row is then updated.
 *
 * @return bool|mixed TRUE on success, or the result of ossim_set_error()
 *                    when the transaction failed. Any failing query before
 *                    that point die()s with the driver's error message.
 */
function end_upgrade()
{
    $conn =& $this->conn;
    $conn->StartTrans();

    $sql = "SELECT id, in_charge, last_update, status, priority, date " . "FROM incident";
    if (!($rs = $conn->Execute($sql))) {
        die("Error was:<br>\n<b>" . $conn->ErrorMsg() . "</b>");
    }

    while (!$rs->EOF) {
        // NOTE(review): $id is read from incident.id and interpolated into the
        // per-incident queries below; binding it with '?' as the final UPDATE
        // does would keep every statement parameterised.
        $id = $rs->fields['id'];
        $date = $last_update = $rs->fields['date']; // incident creation time
        $in_charge = $rs->fields['in_charge'];
        $last_update = $rs->fields['last_update']; // overrides the value copied from 'date' above
        $status = $rs->fields['status'];
        $priority = $rs->fields['priority'];

        //
        // In charge
        //
        if (empty($in_charge)) {
            $sql = "SELECT in_charge, transferred FROM incident_ticket\n WHERE incident_id={$id} ORDER BY id DESC LIMIT 1";
            if (!($rs2 = $conn->Execute($sql))) {
                die($conn->ErrorMsg());
            }
            if ($rs2->EOF) {
                $in_charge = ACL_DEFAULT_OSSIM_ADMIN;
            } else {
                $in_charge = $rs2->fields["in_charge"];
                $transferred = $rs2->fields["transferred"];
                // A transferred ticket is owned by the transferee.
                if ($transferred) {
                    $in_charge = $transferred;
                }
            }
            $rs2->close();
        }

        //
        // Creation date
        //
        $sql = "SELECT date FROM incident_ticket\n WHERE incident_id={$id} ORDER BY id ASC LIMIT 1";
        if (!($rs2 = $conn->Execute($sql))) {
            die($conn->ErrorMsg());
        }
        if (!$rs2->EOF) {
            $first_ticket = $rs2->fields['date'];
            // workarround old bug (autoupdate TIMESTAMP fields)
            if (strtotime($first_ticket) < strtotime($date)) {
                $date = $first_ticket;
            }
            $rs2->close(); // NOTE(review): not closed on the EOF path
        }

        //
        // Last update
        //
        if ($last_update == '0000-00-00 00:00:00') {
            $sql = "SELECT date FROM incident_ticket " . "WHERE incident_id = {$id} ORDER BY id DESC";
            if (!($rs2 = $conn->Execute($sql))) {
                die($conn->ErrorMsg());
            }
            // use incident creation date (computed before) when no ticket
            if (!empty($rs2->fields['date'])) {
                $last_update = $rs2->fields['date'];
            }
            $rs2->close();
        }

        //
        // Status
        //
        if ($status == 'Open') {
            $sql = "SELECT status FROM incident_ticket\n WHERE incident_id = {$id} ORDER BY id DESC";
            if (!($rs2 = $conn->Execute($sql))) {
                die($conn->ErrorMsg());
            }
            if (!empty($rs2->fields['status'])) {
                $status = $rs2->fields['status'];
            }
            $rs2->close();
        }

        //
        // Priority
        //
        $sql = "SELECT priority FROM incident_ticket\n WHERE incident_id = {$id} ORDER BY id DESC";
        if (!($rs2 = $conn->Execute($sql))) {
            die($conn->ErrorMsg());
        }
        if (!empty($rs2->fields['priority'])) {
            $priority = $rs2->fields['priority'];
        }
        // Clamp to the 1..10 range used by the incident table.
        if ($priority > 10) {
            $priority = 10;
        }
        if (empty($priority) || $priority < 1) {
            $priority = 1;
        }

        //
        // Upgrade fields
        //
        $sql = "UPDATE incident " . "SET in_charge=?, date=?, last_update=?, status=?, priority=? " . "WHERE id = {$id}";
        $parms = array($in_charge, $date, $last_update, $status, $priority);
        if (!$conn->Execute($sql, $parms)) {
            die($conn->ErrorMsg());
        }

        $rs->MoveNext();
    }

    $conn->CompleteTrans();
    if ($conn->HasFailedTrans()) {
        return ossim_set_error($conn->ErrorMsg());
    }

    //
    // Reload ACLS
    //
    $this->reload_acls();

    return true;
}