function draw_user_header($conn, $user)
{
$entities = "";
foreach ($user->ctx as $entity) {
$entities .= Acl::get_entity_name($conn, $entity) . "<br>";
}
if (empty($entities) && Session::am_i_admin()) {
$entities = _("Global Admin");
}
$header = "\n\t <div class='column_header'>\n\t <div class='db_perm_header_title'>\n\t " . $user->name . "\n\t </div>\n\t <div class='db_perm_header_opts' onclick='toggle_default_tabs(this,\"" . $user->login . "\");'>\n\t " . _("Show Default Tabs") . "\n\t </div>\n\t <div title='{$entities}' class='db_perm_header_icon ui-icon ui-icon-help tooltip'></div>\n\t </div>";
return $header;
}
function get_policy_entities($conn)
{
$entities = $entities_all = array();
$entities_all = Acl::get_entities_to_assign($conn);
foreach ($entities_all as $k => $v) {
if (Acl::is_logical_entity($conn, $k)) {
$parent_id = Acl::get_logical_ctx_id($conn, $k);
$parent_id = $parent_id[0];
// first
$parent_name = Acl::get_entity_name($conn, $parent_id);
$entities[$parent_id] = $parent_name;
} else {
$entities[$k] = $v;
}
}
asort($entities);
return $entities;
}
function get_policy_entities($conn)
{
$entities = $entities_all = array();
$ctx_pro = '';
$entities_all = Acl::get_entities_to_assign($conn);
foreach ($entities_all as $k => $v) {
if (Acl::is_logical_entity($conn, $k)) {
$parent_id = Acl::get_logical_ctx_id($conn, $k);
$parent_id = $parent_id[0];
// first
$parent_name = Acl::get_entity_name($conn, $parent_id);
if (!empty($parent_id)) {
$entities[$parent_id] = $parent_name;
}
} else {
$entities[$k] = $v;
}
}
asort($entities);
$ctx_pro = array_shift(array_keys($entities));
return array($entities, $ctx_pro);
}
// API Login to read email settings
//
$cc = new Alienvault_client();
$cc->auth()->login('admin', $data->get_pass());
$attachments = array();
$subject = _('Scan Job Notification: ') . $result->fields["name"];
$width = 115;
$body = '<html>
<head>
<title>' . $subject . '</title>
</head>
<body>' . '<table width="100%" cellspacing="0" cellpadding="0" style="border:0px;">' . '<tr><td colspan="2" style="text-decoration: underline;">' . _('Email scan summary') . '</td></tr>' . '<tr><td colspan="2"> </td></tr>' . '<tr><td width="' . $width . '">' . _('Scan Title:') . '</td><td>' . $result->fields["name"] . '</td></tr>' . '<tr><td width="' . $width . '">' . _('Profile:') . '</td><td>' . $result->fields["profile"] . '</td></tr>';
$body .= '<tr><td width="' . $width . '">' . _('Submit Date:') . '</td><td>SCAN_SUBMIT</td></tr>' . '<tr><td width="' . $width . '">' . _('Start Date:') . '</td><td>SCAN_START</td></tr>';
$body .= '<tr><td width="' . $width . '">' . _('Duration:') . '</td><td>' . (intval($result->fields["duration"]) == 0 ? "< 1 min" : $result->fields["duration"] . " mins") . '</td></tr>' . '<tr><td colspan="2"> </td></tr>' . '<tr><td width="' . $width . '">' . _('Launched By:') . '</td><td>' . ($result->fields["fk_name"] != "" ? $result->fields["fk_name"] : _("Unknown")) . '</td></tr>';
if (valid_hex32($username)) {
$visible_for = Acl::get_entity_name($dbconn, $username);
} else {
$visible_for = $username;
}
$body .= '<tr><td width="' . $width . '">' . _('Job visible for:') . '</td><td>' . ($visible_for != "" ? $visible_for : _("Unknown")) . '</td></tr>';
$body .= '<tr><td colspan="2"> </td></tr>';
if (intval($report_id) != 0 && $message == "") {
$body .= '<tr><td colspan="2" style="text-decoration: underline;">' . _('Summary of Scanned Hosts') . '</td></tr>';
$body .= '<tr><td colspan="2"> </td></tr>';
if (!($result_ip_name = $dbconn->Execute(ossim_query("SELECT distinct t1.hostip as ip, HEX(t1.ctx) as ctx FROM vuln_nessus_results t1 \n WHERE t1.report_id={$report_id}")))) {
echo $dbconn->ErrorMsg() . "\n";
$dbconn->close();
return;
}
$total = 0;
while (!$result_ip_name->EOF) {
echo $to_text;
// Path to save PDF
$dirUser = $uuid . '/' . $value['id'] . '/';
$dirUserPdf = $urlPdf . '/' . $dirUser;
newFolder($dirUserPdf);
if ($value['save_in_repository'] == '0') {
// Delete reports list
echo "\n\tDelete reports list from: {$dirUserPdf}\n\n";
clean(null, $dirUserPdf);
}
// Set name
$str_to_replace = array(" ", ":", ".", "&", "/");
//var_dump($value["assets"]);
if (preg_match("/ENTITY\\:(\\d+)/", $value["assets"], $fnd)) {
$conn = $db->connect();
$e_name = Acl::get_entity_name($conn, $fnd[1]);
$assets = "ENTITY: " . $e_name;
$db->close($conn);
} else {
$assets = $value['assets'];
}
$pdfNameEmail = str_replace($str_to_replace, '_', $value['name_report']) . '_' . str_replace($str_to_replace, '_', $assets);
$conn = $db->connect();
$run_at = get_timestamp($conn, $user, gmdate('Y-m-d H:i:s', gmdate('U')));
$user_name = $conn->GetOne("SELECT name FROM users WHERE login='******'");
$db->close();
$subject_email = _("Report") . ": " . $value["schedule_name"] . " " . $value['name_report'] . " " . _("run at") . " " . $run_at;
$pdfName = $pdfNameEmail . "_" . time();
$body_email = _("Run as") . ": " . $user_name . "<br />";
$body_email .= _("Run at") . ": " . $run_at . "<br />";
if ($assets == "ALL_ASSETS") {
*/
set_include_path('/usr/share/ossim/include');
require_once 'av_init.php';
$conf = $GLOBALS["CONF"];
$mdays = $conf->get_conf("tickets_max_days");
$send_mail = strtolower($conf->get_conf("tickets_send_mail"));
if ($send_mail == "no") {
exit;
}
$db = new ossim_db();
$conn = $db->connect();
$result = $conn->execute("SET SESSION time_zone='+00:00'");
$result = $conn->execute("SELECT id, title, date, ref, type_id, priority, last_update, in_charge, submitter FROM incident inner join incident_tag on incident_tag.incident_id=incident.id WHERE DATEDIFF(now() , date) > {$mdays} AND STATUS = 'open'");
while (!$result->EOF) {
if (valid_hex32($result->fields["in_charge"])) {
$in_charge = Acl::get_entity_name($conn, $result->fields["in_charge"]);
} else {
$in_charge = $result->fields["in_charge"];
}
$subject = _('Ticket Open: ') . $result->fields["title"];
$body = '<html>
<head>
<title>' . $subject . '</title>
</head>
<body>' . '<table width="100%" cellspacing="0" cellpadding="0" style="border:0px;">' . '<tr><td width="75">' . _('Id:') . '</td><td>' . $result->fields["id"] . '</td></tr>' . '<tr><td width="75">' . _('Title:') . '</td><td>' . $result->fields["title"] . '</td></tr>' . '<tr><td width="75">' . _('Date:') . '</td><td>' . $result->fields["date"] . '</td></tr>' . '<tr><td width="75">' . _('Ref:') . '</td><td>' . $result->fields["ref"] . '</td></tr>' . '<tr><td width="75">' . _('Type id:') . '</td><td>' . $result->fields["type_id"] . '</td></tr>' . '<tr><td width="75">' . _('Priority:') . '</td><td>' . $result->fields["priority"] . '</td></tr>' . '<tr><td width="75">' . _('Last update:') . '</td><td>' . $result->fields["last_update"] . '</td></tr>' . '<tr><td width="75">' . _('In charge:') . '</td><td>' . $in_charge . '</td></tr>' . '<tr><td width="75">' . _('Submitter:') . '</td><td>' . $result->fields["submitter"] . '</td></tr>' . '</table>' . '</body>
</html>';
if (!valid_hex32($result->fields["in_charge"])) {
$user_data = Session::get_list($conn, "WHERE login='******'", "", TRUE);
if (is_object($user_data[0])) {
if ($user_data[0]->get_email() != '') {
Util::send_email($conn, $user_data[0]->get_email(), $subject, $body);
$total = 0;
$start = ($page - 1) * $rp;
$limit = "LIMIT {$start}, {$rp}";
$policygroup_list = Policy_group::get_list($conn, '', " and policy_group.id <> UNHEX('00000000000000000000000000000000') ORDER BY {$order} {$limit}");
if ($policygroup_list[0]) {
$total = $policygroup_list[0]->get_foundrows();
if ($total == 0) {
$total = count($policygroup_list);
}
}
$xml = "";
$xml .= "<rows>\n";
$xml .= "<page>{$page}</page>\n";
$xml .= "<total>{$total}</total>\n";
foreach ($policygroup_list as $policygrp) {
$id = $policygrp->get_group_id();
$xml .= "<row id='{$id}'>";
$xml .= "<cell><![CDATA[" . $policygrp->get_order() . "]]></cell>";
$pgname = $policygrp->get_name();
$pgname = empty($pgname) ? _("Unknown") : "<a href='newpolicygroupform.php?id={$id}'>{$pgname}</a>";
$xml .= "<cell><![CDATA[" . $pgname . "]]></cell>";
if ($pro) {
$entity = Acl::get_entity_name($conn, $policygrp->get_ctx());
$xml .= "<cell><![CDATA[" . $entity . "]]></cell>";
}
$xml .= "<cell><![CDATA[" . $policygrp->get_descr() . "]]></cell>";
$xml .= "</row>\n";
}
$xml .= "</rows>\n";
echo $xml;
$db->close();
//If the id is not empty, we are gonna edit a policy group, otherwise we're gonna create a new one
if (!empty($id)) {
if ($id == '00000000000000000000000000000000') {
echo ossim_error(_("You cannot modify the default group."), AV_NOTICE);
exit;
}
//retrieving policygroup info...
$policy_groups = Policy_group::get_list($conn, '', " AND id=UNHEX('{$id}')");
if (!isset($policy_groups[0])) {
exit;
}
$name = $policy_groups[0]->get_name();
$ctx = $policy_groups[0]->get_ctx();
$descr = $policy_groups[0]->get_descr();
if ($pro) {
$ctx_name = Acl::get_entity_name($conn, $ctx);
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title> <?php
echo _("OSSIM Framework");
?>
</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<meta http-equiv="Pragma" content="no-cache"/>
<link rel="stylesheet" type="text/css" href="../style/av_common.css?t=<?php
echo Util::get_css_id();
?>
$icon = ' <img src="../pixmaps/user-business.png" align="absmiddle" alt="' . _('Admin') . '"/>';
} elseif (Session::is_pro() && Acl::is_proadmin($conn, $login)) {
$icon = ' <img src="../pixmaps/user-gadmin.png" align="absmiddle" alt="' . _('Entity admin') . '"/>';
}
$name = " <a style='font-weight:bold;' href=\"./user_form.php?login="******"\">" . $user->get_name() . "</a> ";
$email = $user->get_email();
if (Session::is_pro()) {
$entities = $user->get_ctx();
$companies = array();
foreach ($entities as $entity_id) {
$parents = Acl::get_entity_parents($conn, $entity_id);
$parents = array_reverse($parents);
$parents[] = $entity_id;
$ent_name = array();
foreach ($parents as $eid) {
$ent_name[] = Acl::get_entity_name($conn, $eid);
}
$ent_name = implode('<strong> / </strong>', $ent_name);
$companies[] = $ent_name;
}
$companies = implode(',<br>', $companies);
} else {
$company = utf8_encode($user->get_company());
$department = utf8_encode($user->get_department());
$companies = $department != '' && $company != '' ? $company . ' - ' . $department : $company;
}
$last_logon_try = $user->get_last_logon();
if (empty($last_logon_try) || $last_logon_try == '0000-00-00 00:00:00') {
$last_logon_try = '-';
}
$creation_date = $conn->GetOne("SELECT date FROM log_action WHERE info = 'Configuration - User " . $login . " created' ORDER BY date DESC");
?>
<td><?php
echo Incident::get_priority_in_html($priority);
?>
</td>
<td nowrap='nowrap'><?php
echo $incident->get_date();
?>
</td>
<td nowrap='nowrap'><?php
echo $incident->get_life_time();
?>
</td>
<?php
if (preg_match("/pro|demo/i", $version) && valid_hex32($incident->get_in_charge())) {
$in_charge_name = Acl::get_entity_name($conn, $incident->get_in_charge());
} else {
$in_charge_name = $incident->get_in_charge_name($conn);
}
?>
<td><?php
echo $in_charge_name;
?>
</td>
<?php
$submitter = $incident->get_submitter();
$submitter_data = explode("/", $submitter);
?>
<td><?php
echo $submitter_data[0];
?>
foreach ($repository_list as $doc) {
$id_doc = $doc->get_id();
$date = $doc->get_date();
$atch = $doc->get_attach();
$rel = $doc->get_relationship();
$relevance = $doc->get_relevance();
$in_charge = $doc->get_in_charge();
$creator = $doc->get_creator();
/***** Title Column *****/
$title = "<a href='repository_document.php?id_document={$id_doc}&options=1' class='greyboxw' title='" . $doc->get_title() . "'>" . $doc->get_title() . "</a>";
/***** Owner Column *****/
$username_show = $in_charge;
if ($in_charge == '0') {
$username_show = _("All");
} elseif (Session::is_pro() && valid_hex32($in_charge) && $in_charge != '00000000000000000000000000000000') {
$username_show = Acl::get_entity_name($conn, $in_charge);
}
/***** Attach Column *****/
$attached_docuemts = "\n\t\t<table align='center' class='transparent'>\n\t\t\t<tr>\n\t\t\t\t<td class='transparent'>";
if (count($atch) > 0) {
$attached_docuemts .= "\n\t\t\t<div id='noti_Container'>\n\t\t\t\t<a href='repository_attachment.php?id_document={$id_doc}' class='greybox' title='" . _("Attachements for Document") . "'><img src='images/attach.gif' border=0></a>\n\t\t\t\t<div class='noti_bubble'><span>" . count($atch) . "</span></div>\n\t\t\t</div>";
} else {
$attached_docuemts .= "<a href='repository_attachment.php?id_document={$id_doc}' class='greybox' title='" . _("Attachements for Document") . "'><img src='images/attach.gif' border=0 ></a>";
}
$attached_docuemts .= "\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t</table>\n\t";
/***** Links Column *****/
$linked_docuemts = "\n\t\t<table align='center' class='transparent'>\n\t\t\t<tr>\n\t\t\t\t<td class='transparent'>";
if (count($rel) > 0) {
$linked_docuemts .= "\n\t\t\t<div id='noti_Container'>\n\t\t\t\t<a href='repository_links.php?id_document={$id_doc}' class='greybox' title='" . _("Relationships for Document") . "'><img src='images/linked2.gif' border=0 ></a>\n\t\t\t\t<div class='noti_bubble'><span>" . count($rel) . "</span></div>\n\t\t\t</div>";
} else {
$linked_docuemts .= "<a href='repository_links.php?id_document={$id_doc}' class='greybox' title='" . _("Relationships for Document") . "'><img src='images/linked2.gif' border=0 ></a>";
$in_charge = $ticket->get_in_charge();
$transferred = $ticket->get_transferred();
$creator = Session::get_list($conn, "WHERE login='******'");
$creator = count($creator) == 1 ? $creator[0] : FALSE;
if ($pro && valid_hex32($in_charge)) {
$in_charge_name = Acl::get_entity_name($conn, $in_charge);
} else {
$in_charge = Session::get_list($conn, "WHERE login='******'");
$in_charge = count($in_charge) == 1 ? $in_charge[0] : FALSE;
$in_charge_name = format_user($in_charge);
}
$is_transferred = FALSE;
if (!empty($transferred)) {
$is_transferred = TRUE;
if ($pro && valid_hex32($transferred)) {
$transferred_name = Acl::get_entity_name($conn, $transferred);
if ($transferred_name == _('Unknown entity')) {
$is_transferred = FALSE;
}
} else {
$transferred = Session::get_list($conn, "WHERE login='******'");
$transferred = count($transferred) == 1 ? $transferred[0] : FALSE;
$transferred_name = format_user($transferred);
}
}
$descrip = $ticket->get_description();
$action = $ticket->get_action();
$status = $ticket->get_status();
$prio = $ticket->get_priority();
$prio_str = Incident::get_priority_string($prio);
$prio_box = Incident::get_priority_in_html($prio);
