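<?php
/**
 * nessus-report-parser -- menus.php
 * User: Simon Beattie
 * Date: 11/06/2014
 * Time: 12:40
 *
 * Menu and listing routes.
 *
 * Most handlers below read the caller's identity from $_SESSION. None of the
 * closures checks that a session exists, so they presumably rely on a hook or
 * middleware registered elsewhere to enforce login -- TODO confirm.
 */

// Landing page.
$app->get('/', function () use ($app) {
    $app->render('menus/index.phtml', array());
});

// Nessus report list for the current user, together with that user's stored
// 'severity' value.
$app->get('/nessus', function () use ($app, $reportData, $config, $pdo) {
    $users = new \Library\Users($pdo);
    $userDetails = $users->getUserDetails($_SESSION['email']);
    $reportList = $reportData->listReports($_SESSION['userId']);

    // getUserDetails() is indexed as a list of rows; if it comes back empty the
    // original expression raised an undefined-offset notice. Fall back to null,
    // which is the value the template received in that case anyway.
    $severity = isset($userDetails[0]['severity']) ? $userDetails[0]['severity'] : null;

    $app->render('menus/nessusIndex.phtml', array(
        'reports' => $reportList,
        'severity' => $severity,
    ));
});

// OpenDLP file list for the current user.
$app->get('/opendlp', function () use ($app) {
    $files = new \Library\Files();
    $app->render('menus/openDlpIndex.phtml', array(
        'reports' => $files->getOpenDlpList($_SESSION['userId']),
    ));
});

// Vulnerabilities currently shown for the current user.
$app->get('/ignored/shown', function () use ($app, $reportData) {
    $app->render('menus/shown.phtml', array(
        'vulnerabilities' => $reportData->getShownVulnerabilities($_SESSION['userId']),
    ));
});

// Vulnerabilities currently ignored (hidden) for the current user.
$app->get('/ignored/hidden', function () use ($app, $reportData) {
    $app->render('menus/hidden.phtml', array(
        'vulnerabilities' => $reportData->getIgnoredVulnerabilities($_SESSION['userId']),
    ));
});

// Adds a plugin id to the current user's ignore list, then returns to the
// "shown" view with the outcome in the query string.
//
// NOTE(review): this appears to change stored state from a GET request, so a
// cross-site link or image could trigger it for a logged-in user; a POST with
// a CSRF token is the usual shape. No token check is visible in this file.
// NOTE(review): $pluginId comes straight from the URL and is passed on
// unvalidated; whether addIgnored() validates it or uses parameterised
// queries is not visible here -- verify.
$app->get('/ignored/add/:pluginId', function ($pluginId) use ($app, $reportData) {
    $result = $reportData->addIgnored($_SESSION['userId'], $pluginId);

    // URL-encode the value rather than concatenating it raw; $result's type is
    // not visible here, and the cast keeps the original string conversion.
    $app->redirect('/ignored/shown?added=' . rawurlencode((string) $result));
});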
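// Closes a route definition that begins before this section; left as-is.
});

// Change-password form.
$app->get('/admin/changepass', function () use ($app) {
    $app->render('users/changePass.phtml', array('app' => $app));
});

// Change-password submission. The account is identified from the session
// (email and user id), never from the form.
//
// NOTE(review): no CSRF token is read here; whether one is enforced elsewhere
// is not visible -- verify. The old password is passed through to
// changeUserPass(), which presumably checks it before changing anything.
$app->post('/admin/changepass', function () use ($app, $pdo) {
    $password = $app->request()->post('oldpass');
    $newPass = $app->request()->post('newpass');
    $repeatPass = $app->request()->post('repeat');

    $users = new \Library\Users($pdo);
    $result = $users->changeUserPass($_SESSION['email'], $_SESSION['userId'], $password, $newPass, $repeatPass);

    // URL-encode the outcome instead of concatenating it raw; the cast keeps
    // the original string conversion for whatever type changeUserPass() returns.
    $app->redirect('/admin/changepass?result=' . rawurlencode((string) $result));
});

// Login submission: looks the user up by email and password digest and, on a
// match, stores id, email and name in the session.
$app->post('/login', function () use ($app, $pdo) {
    // A missing form field arrives as null; cast so strip_tags()/hash() always
    // receive a string (null and '' produce the same result).
    $email = strip_tags((string) $app->request()->post('username'));

    // NOTE(review): the password is reduced to a single SHA-512 digest and no
    // salt is applied in this route. A fast, unsalted digest is cheap to test
    // offline if the stored values ever leak; password_hash() with
    // password_verify() is the usual replacement. That would change what
    // \Library\Users::checkUser() stores and compares, so it is flagged here
    // rather than changed.
    $password = hash('sha512', (string) $app->request()->post('password'));

    // NOTE(review): strip_tags() only removes markup; it does not make $email
    // safe for SQL. Whether checkUser() uses parameterised queries is not
    // visible here -- verify.
    $users = new \Library\Users($pdo);
    $user = $users->checkUser($email, $password);

    if ($user) {
        // Issue a fresh session id at the privilege change so an id that was
        // known before login cannot be reused afterwards (session fixation).
        // Skipped when no session is active, as the call would only warn.
        if (session_id() !== '') {
            session_regenerate_id(true);
        }

        $_SESSION['userId'] = $user['id'];
        $_SESSION['email'] = $user['email'];
        $_SESSION['name'] = $user['name'];
        $app->redirect('/');
        return;
    }

    $app->redirect('/login?loggedIn=true');
})->setName('loginPost');

// Logout.
$app->get('/logout', function () use ($app) {
    // session_destroy() removes the stored session data but leaves the
    // $_SESSION superglobal populated for the rest of the request, so empty it
    // first; anything that reads or re-saves it later would otherwise still
    // see the logged-in user.
    $_SESSION = array();
    session_destroy();
    $app->redirect('/');
});

// Login form. The handler body continues past this point; its opening line is
// kept unchanged.
$app->get('/login', function () use($app) {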
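// Tail of a route handler that begins before this section; left as-is.
if (!$userCheck) {
    $app->render('reports/reportExists.phtml');
} else {
    $data = $reportData->getPCI($reportId);
    $app->render('reports/pci.phtml', array('reportData' => $data));
}
});

// Renders one OpenDLP report, looked up by file name for the current user.
$app->get('/opendlp/:filename', function ($filename) use ($app, $reportData) {
    //Sanitise
    $filename = strip_tags($filename);

    // strip_tags() only removes markup. If getOpenDLP() builds a filesystem
    // path from this value (its implementation is not visible here), a name
    // carrying a path separator, a NUL byte, or a bare "." / ".." could point
    // outside the user's own reports. Accept a plain file name only, and answer
    // anything else with the same page the other report routes use for a
    // report the caller may not see.
    $hasSeparator = strpbrk($filename, "/\\\0") !== false;
    if ($filename === '' || $filename === '.' || $filename === '..' || $hasSeparator) {
        $app->render('reports/reportExists.phtml');
        return;
    }

    $userId = $_SESSION['userId'];

    // Use a separate local for the result rather than overwriting the captured
    // $reportData service object.
    $data = $reportData->getOpenDLP($filename, $userId);
    $app->render('reports/opendlp.phtml', array('reportData' => $data));
});

// Port listing for one report at a given severity. Ownership of the report is
// checked against the session user before any data is fetched.
$app->get('/ports/:reportId/:severity', function ($reportId, $severity) use ($app, $reportData, $pdo) {
    $users = new \Library\Users($pdo);

    //Sanitise
    // NOTE(review): strip_tags() is not input validation for identifiers; if
    // these are expected to be integers, checking that explicitly would be
    // stricter. Their expected format is not visible here -- verify.
    $reportId = strip_tags($reportId);
    $severity = strip_tags($severity);

    $userCheck = $users->checkReportOwnership($reportId, $_SESSION['userId']);
    if (!$userCheck) {
        $app->render('reports/reportExists.phtml');
        return;
    }

    $data = $reportData->getPorts($reportId, $severity, $_SESSION['userId']);
    $app->render('reports/ports.phtml', array('reportData' => $data));
});

// The handler below continues past this point; its visible lines are kept
// unchanged.
$app->get('/xml', function () use($app, $reportData) {
    $xml = $reportData->loadXML(__DIR__ . '/../service-names-port-numbers.xml');
    echo '<pre>';
    print_r($xml);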