function BaseUserPrefs()
{
// Constructor
global $DBlib_path, $DBtype, $db_connect_method, $alert_dbname, $alert_host, $alert_port, $alert_user, $alert_password;
$db = NewBASEDBConnection($DBlib_path, $DBtype);
$db->baseDBConnect($db_connect_method, $alert_dbname, $alert_host, $alert_port, $alert_user, $alert_password);
$this->db = $db;
}
function PrintBASESubHeader($page_title, $page_name, $back_link, $refresh = 0, $page = "")
{
global $debug_mode, $BASE_VERSION, $BASE_path, $BASE_urlpath, $html_no_cache, $max_script_runtime, $Use_Auth_System, $stat_page_refresh_time, $base_style, $refresh_stat_page, $ossim_servers, $sensors, $hosts, $database_servers, $DBlib_path, $DBtype, $db_connect_method, $alert_dbname, $alert_host, $alert_port, $alert_user, $alert_password;
if (ini_get("safe_mode") != true) {
set_time_limit($max_script_runtime);
}
echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- ' . gettext("Forensics Console " . $BASE_installID) . $BASE_VERSION . ' -->
<HTML>
<HEAD><meta http-equiv="Content-Type" content="text/html; charset=' . gettext("iso-8859-1") . '">';
if ($html_no_cache == 1) {
echo '<META HTTP-EQUIV="pragma" CONTENT="no-cache">';
}
//echo '<meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" />';
if ($refresh == 1 && !$_SESSION['norefresh']) {
PrintFreshPage($refresh_stat_page, $stat_page_refresh_time);
}
if (@$_COOKIE['archive'] == 0) {
echo '<TITLE>' . gettext("Forensics Console " . $BASE_installID) . ': ' . $page_title . '</TITLE>';
} else {
echo '<TITLE>' . gettext("Forensics Console " . $BASE_installID) . ': ' . $pagegettext("Forensics Console " . $BASE_installID) . ' -- ARCHIVE</TITLE>';
}
echo '<LINK rel="stylesheet" type="text/css" HREF="' . $BASE_urlpath . '/styles/' . $base_style . '">
<!--[if IE]><script language="javascript" type="text/javascript" src="../js/jqplot/excanvas.js"></script><![endif]-->
<script type="text/javascript" src="../js/jquery-1.3.2.min.js"></script>
</HEAD>
<BODY>';
if (!array_key_exists("minimal_view", $_GET)) {
include "{$BASE_path}/base_hdr1.php";
$db = NewBASEDBConnection($DBlib_path, $DBtype);
$db->baseDBConnect($db_connect_method, $alert_dbname, $alert_host, $alert_port, $alert_user, $alert_password);
include "{$BASE_path}/base_hdr2.php";
}
//echo "<TABLE WIDTH=\"100%\"><TR><TD ALIGN=RIGHT>".$back_link."</TD></TR></TABLE><BR>";
if ($debug_mode > 0) {
PrintPageHeader();
}
}
$cs->ReadState();
$ip = ImportHTTPVar("ip", VAR_DIGIT | VAR_PERIOD);
$ip = Util::htmlentities($ip);
$netmask = ImportHTTPVar("netmask", VAR_DIGIT);
$action = ImportHTTPVar("action", VAR_ALPHA);
$submit = ImportHTTPVar("submit", VAR_ALPHA | VAR_SPACE);
// Check role out and redirect if needed -- Kevin
$roleneeded = 10000;
#$BUser = new BaseUser();
#if (($BUser->hasRole($roleneeded) == 0) && ($Use_Auth_System == 1)) base_header("Location: " . $BASE_urlpath . "/index.php");
if ($netmask == '') {
$netmask = "32";
}
$page_title = $ip . '/' . $netmask;
/* Connect to the Alert database */
$db = NewBASEDBConnection($DBlib_path, $DBtype);
$db->baseDBConnect($db_connect_method, $alert_dbname, $alert_host, $alert_port, $alert_user, $alert_password);
// Include base_header.php
PrintBASESubHeader($page_title, $page_title, $cs->GetBackLink(), 1);
if ($event_cache_auto_update == 1) {
UpdateAlertCache($db);
}
if (sizeof($sig) != 0 && strstr($sig[1], "spp_portscan")) {
$sig[1] = "";
}
/* Build new link for criteria-based sensor page
* -- ALS <*****@*****.**>
*/
$tmp_sensor_lookup = 'base_stat_sensor.php?ip_addr_cnt=2&m_opt=analysis&sm_opt=security_events&h_opt=security_events' . BuildIPFormVars($ip);
$tmp_srcdst_iplookup = 'base_qry_main.php?new=2&m_opt=analysis&sm_opt=security_events&h_opt=security_events' . '&num_result_rows=-1' . '&submit=' . gettext("Query DB") . '&current_view=-1&ip_addr_cnt=2' . BuildIPFormVars($ip);
$tmp_src_iplookup = 'base_qry_main.php?new=2&m_opt=analysis&sm_opt=security_events&h_opt=security_events' . '&num_result_rows=-1' . '&submit=' . gettext("Query DB") . '&current_view=-1&ip_addr_cnt=1' . BuildSrcIPFormVars($ip);
function Action_archive_alert_pre($action_arg, $action_param, $db)
{
global $DBlib_path, $DBtype, $archive_dbname, $archive_host, $archive_port, $archive_user;
$db2 = NewBASEDBConnection($DBlib_path, $DBtype);
$db2->baseConnect($archive_dbname, $archive_host, $archive_port, $archive_user, "");
return $db2;
}
function filterSql($item, $db = NULL)
{
global $DBlib_path, $DBtype, $db_connect_method, $alert_dbname, $alert_host, $alert_port, $alert_user, $alert_password;
/* Determine whether a variable is set */
if (!isset($item)) {
return $item;
}
/* Recursively filter array elements -- nikns */
if (is_array($item)) {
for ($i = 0; $i < count($item); $i++) {
$item[$i] = XSSPrintSafe($item[$i]);
}
return $item;
}
if (!is_object($db)) {
$dbc = NewBASEDBConnection($DBlib_path, $DBtype);
$dbc->baseDBConnect($db_connect_method, $alert_dbname, $alert_host, $alert_port, $alert_user, $alert_password, $force_alert_db);
/* magic_quotes_gpc safe adodb qmagic() returns escaped $item in quotes */
$item = $dbc->DB->qmagic($item);
$dbc->baseClose();
} else {
$item = $db->DB->qmagic($item);
}
/* cut off first and last character (quotes added by qmagic()) */
$item = substr($item, 1, strlen($item) - 2);
return $item;
}
function UpdateAlertCache_ossim($db)
{
global $debug_mode;
global $archive_exists;
global $DBlib_path, $DBtype, $archive_dbname, $archive_host, $archive_port, $archive_user;
$batch_sql = "";
$batch_cnt = 0;
$updated_cache_cnt = 0;
$sensor_lst = $db->baseExecute("SELECT sid FROM sensor");
/* Iterate through all sensors in the SENSOR table */
while (($sid_row = $sensor_lst->baseFetchRow()) != NULL) {
$sid = $sid_row[0];
/* Get highest CID for a given sensor */
$cid_lst = $db->baseExecute("SELECT MAX(cid) FROM event WHERE sid='" . $sid . "'");
$cid_row = $cid_lst->baseFetchRow();
$cid = $cid_row[0];
if ($cid == NULL) {
$cid = 0;
}
/* Get highest CID for a given sensor in the cache */
$ccid_lst = $db->baseExecute("SELECT MAX(cid) FROM acid_event WHERE sid='" . $sid . "'");
$ccid_row = $ccid_lst->baseFetchRow();
$ccid = $ccid_row[0];
if ($ccid == NULL) {
$ccid = 0;
}
//if ($debug_mode > 0) echo "sensor #$sid: event.cid = $cid, acid_event.cid = $ccid";
/* if the CID in the cache < the CID in the event table
* then there are events which have NOT been added to the cache
*/
if ($cid > $ccid) {
$before_cnt = EventCntBySensor($sid, $db);
CacheSensor($sid, $ccid, $db);
$updated_cache_cnt += EventCntBySensor($sid, $db) - $before_cnt;
}
//if ($debug_mode > 0) echo "<BR>";
$cid_lst->baseFreeRows();
$ccid_lst->baseFreeRows();
/* BEGIN LOCAL FIX */
/* If there's an archive database, and this isn't it, get the MAX(cid) from there */
if ($archive_exists == 1 && @$_COOKIE['archive'] != 1) {
$db2 = NewBASEDBConnection($DBlib_path, $DBtype);
$db2->baseConnect($archive_dbname, $archive_host, $archive_port, $archive_user, "");
$archive_ccid_lst = $db2->baseExecute("SELECT MAX(cid) FROM acid_event WHERE sid='" . $sid . "'");
$archive_ccid_row = $archive_ccid_lst->baseFetchRow();
$archive_ccid = $archive_ccid_row[0];
$archive_ccid_lst->baseFreeRows();
$db2->baseClose();
if ($archive_ccid == NULL) {
$archive_ccid = 0;
}
$archive_ccid_lst->baseFreeRows();
$db2->baseClose();
} else {
$archive_ccid = 0;
}
if ($archive_ccid > $ccid) {
$max_ccid = $archive_ccid;
} else {
$max_ccid = $ccid;
}
/* Fix the last_cid value for the sensor */
$db->baseExecute("UPDATE sensor SET last_cid={$max_ccid} WHERE sid={$sid}");
/* END LOCAL FIX */
}
if ($updated_cache_cnt != 0) {
if (preg_match("/base_main.php/", $_SERVER['SCRIPT_NAME'])) {
ErrorMessage(gettext("Added ") . $updated_cache_cnt . gettext(" Event(s) to the Event cache"), "yellow");
} else {
ErrorMessage(gettext("Added ") . $updated_cache_cnt . gettext(" Event(s) to the Event cache"));
}
}
}
