function draw_user_header($conn, $user) { $entities = ""; foreach ($user->ctx as $entity) { $entities .= Acl::get_entity_name($conn, $entity) . "<br>"; } if (empty($entities) && Session::am_i_admin()) { $entities = _("Global Admin"); } $header = "\n\t <div class='column_header'>\n\t <div class='db_perm_header_title'>\n\t " . $user->name . "\n\t </div>\n\t <div class='db_perm_header_opts' onclick='toggle_default_tabs(this,\"" . $user->login . "\");'>\n\t " . _("Show Default Tabs") . "\n\t </div>\n\t <div title='{$entities}' class='db_perm_header_icon ui-icon ui-icon-help tooltip'></div>\n\t </div>"; return $header; }
function get_policy_entities($conn) { $entities = $entities_all = array(); $entities_all = Acl::get_entities_to_assign($conn); foreach ($entities_all as $k => $v) { if (Acl::is_logical_entity($conn, $k)) { $parent_id = Acl::get_logical_ctx_id($conn, $k); $parent_id = $parent_id[0]; // first $parent_name = Acl::get_entity_name($conn, $parent_id); $entities[$parent_id] = $parent_name; } else { $entities[$k] = $v; } } asort($entities); return $entities; }
function get_policy_entities($conn) { $entities = $entities_all = array(); $ctx_pro = ''; $entities_all = Acl::get_entities_to_assign($conn); foreach ($entities_all as $k => $v) { if (Acl::is_logical_entity($conn, $k)) { $parent_id = Acl::get_logical_ctx_id($conn, $k); $parent_id = $parent_id[0]; // first $parent_name = Acl::get_entity_name($conn, $parent_id); if (!empty($parent_id)) { $entities[$parent_id] = $parent_name; } } else { $entities[$k] = $v; } } asort($entities); $ctx_pro = array_shift(array_keys($entities)); return array($entities, $ctx_pro); }
// API Login to read email settings // $cc = new Alienvault_client(); $cc->auth()->login('admin', $data->get_pass()); $attachments = array(); $subject = _('Scan Job Notification: ') . $result->fields["name"]; $width = 115; $body = '<html> <head> <title>' . $subject . '</title> </head> <body>' . '<table width="100%" cellspacing="0" cellpadding="0" style="border:0px;">' . '<tr><td colspan="2" style="text-decoration: underline;">' . _('Email scan summary') . '</td></tr>' . '<tr><td colspan="2"> </td></tr>' . '<tr><td width="' . $width . '">' . _('Scan Title:') . '</td><td>' . $result->fields["name"] . '</td></tr>' . '<tr><td width="' . $width . '">' . _('Profile:') . '</td><td>' . $result->fields["profile"] . '</td></tr>'; $body .= '<tr><td width="' . $width . '">' . _('Submit Date:') . '</td><td>SCAN_SUBMIT</td></tr>' . '<tr><td width="' . $width . '">' . _('Start Date:') . '</td><td>SCAN_START</td></tr>'; $body .= '<tr><td width="' . $width . '">' . _('Duration:') . '</td><td>' . (intval($result->fields["duration"]) == 0 ? "< 1 min" : $result->fields["duration"] . " mins") . '</td></tr>' . '<tr><td colspan="2"> </td></tr>' . '<tr><td width="' . $width . '">' . _('Launched By:') . '</td><td>' . ($result->fields["fk_name"] != "" ? $result->fields["fk_name"] : _("Unknown")) . '</td></tr>'; if (valid_hex32($username)) { $visible_for = Acl::get_entity_name($dbconn, $username); } else { $visible_for = $username; } $body .= '<tr><td width="' . $width . '">' . _('Job visible for:') . '</td><td>' . ($visible_for != "" ? $visible_for : _("Unknown")) . '</td></tr>'; $body .= '<tr><td colspan="2"> </td></tr>'; if (intval($report_id) != 0 && $message == "") { $body .= '<tr><td colspan="2" style="text-decoration: underline;">' . _('Summary of Scanned Hosts') . '</td></tr>'; $body .= '<tr><td colspan="2"> </td></tr>'; if (!($result_ip_name = $dbconn->Execute(ossim_query("SELECT distinct t1.hostip as ip, HEX(t1.ctx) as ctx FROM vuln_nessus_results t1 \n WHERE t1.report_id={$report_id}")))) { echo $dbconn->ErrorMsg() . "\n"; $dbconn->close(); return; } $total = 0; while (!$result_ip_name->EOF) {
echo $to_text; // Path to save PDF $dirUser = $uuid . '/' . $value['id'] . '/'; $dirUserPdf = $urlPdf . '/' . $dirUser; newFolder($dirUserPdf); if ($value['save_in_repository'] == '0') { // Delete reports list echo "\n\tDelete reports list from: {$dirUserPdf}\n\n"; clean(null, $dirUserPdf); } // Set name $str_to_replace = array(" ", ":", ".", "&", "/"); //var_dump($value["assets"]); if (preg_match("/ENTITY\\:(\\d+)/", $value["assets"], $fnd)) { $conn = $db->connect(); $e_name = Acl::get_entity_name($conn, $fnd[1]); $assets = "ENTITY: " . $e_name; $db->close($conn); } else { $assets = $value['assets']; } $pdfNameEmail = str_replace($str_to_replace, '_', $value['name_report']) . '_' . str_replace($str_to_replace, '_', $assets); $conn = $db->connect(); $run_at = get_timestamp($conn, $user, gmdate('Y-m-d H:i:s', gmdate('U'))); $user_name = $conn->GetOne("SELECT name FROM users WHERE login='******'"); $db->close(); $subject_email = _("Report") . ": " . $value["schedule_name"] . " " . $value['name_report'] . " " . _("run at") . " " . $run_at; $pdfName = $pdfNameEmail . "_" . time(); $body_email = _("Run as") . ": " . $user_name . "<br />"; $body_email .= _("Run at") . ": " . $run_at . "<br />"; if ($assets == "ALL_ASSETS") {
*/ set_include_path('/usr/share/ossim/include'); require_once 'av_init.php'; $conf = $GLOBALS["CONF"]; $mdays = $conf->get_conf("tickets_max_days"); $send_mail = strtolower($conf->get_conf("tickets_send_mail")); if ($send_mail == "no") { exit; } $db = new ossim_db(); $conn = $db->connect(); $result = $conn->execute("SET SESSION time_zone='+00:00'"); $result = $conn->execute("SELECT id, title, date, ref, type_id, priority, last_update, in_charge, submitter FROM incident inner join incident_tag on incident_tag.incident_id=incident.id WHERE DATEDIFF(now() , date) > {$mdays} AND STATUS = 'open'"); while (!$result->EOF) { if (valid_hex32($result->fields["in_charge"])) { $in_charge = Acl::get_entity_name($conn, $result->fields["in_charge"]); } else { $in_charge = $result->fields["in_charge"]; } $subject = _('Ticket Open: ') . $result->fields["title"]; $body = '<html> <head> <title>' . $subject . '</title> </head> <body>' . '<table width="100%" cellspacing="0" cellpadding="0" style="border:0px;">' . '<tr><td width="75">' . _('Id:') . '</td><td>' . $result->fields["id"] . '</td></tr>' . '<tr><td width="75">' . _('Title:') . '</td><td>' . $result->fields["title"] . '</td></tr>' . '<tr><td width="75">' . _('Date:') . '</td><td>' . $result->fields["date"] . '</td></tr>' . '<tr><td width="75">' . _('Ref:') . '</td><td>' . $result->fields["ref"] . '</td></tr>' . '<tr><td width="75">' . _('Type id:') . '</td><td>' . $result->fields["type_id"] . '</td></tr>' . '<tr><td width="75">' . _('Priority:') . '</td><td>' . $result->fields["priority"] . '</td></tr>' . '<tr><td width="75">' . _('Last update:') . '</td><td>' . $result->fields["last_update"] . '</td></tr>' . '<tr><td width="75">' . _('In charge:') . '</td><td>' . $in_charge . '</td></tr>' . '<tr><td width="75">' . _('Submitter:') . '</td><td>' . $result->fields["submitter"] . '</td></tr>' . '</table>' . '</body> </html>'; if (!valid_hex32($result->fields["in_charge"])) { $user_data = Session::get_list($conn, "WHERE login='******'", "", TRUE); if (is_object($user_data[0])) { if ($user_data[0]->get_email() != '') { Util::send_email($conn, $user_data[0]->get_email(), $subject, $body);
$total = 0; $start = ($page - 1) * $rp; $limit = "LIMIT {$start}, {$rp}"; $policygroup_list = Policy_group::get_list($conn, '', " and policy_group.id <> UNHEX('00000000000000000000000000000000') ORDER BY {$order} {$limit}"); if ($policygroup_list[0]) { $total = $policygroup_list[0]->get_foundrows(); if ($total == 0) { $total = count($policygroup_list); } } $xml = ""; $xml .= "<rows>\n"; $xml .= "<page>{$page}</page>\n"; $xml .= "<total>{$total}</total>\n"; foreach ($policygroup_list as $policygrp) { $id = $policygrp->get_group_id(); $xml .= "<row id='{$id}'>"; $xml .= "<cell><![CDATA[" . $policygrp->get_order() . "]]></cell>"; $pgname = $policygrp->get_name(); $pgname = empty($pgname) ? _("Unknown") : "<a href='newpolicygroupform.php?id={$id}'>{$pgname}</a>"; $xml .= "<cell><![CDATA[" . $pgname . "]]></cell>"; if ($pro) { $entity = Acl::get_entity_name($conn, $policygrp->get_ctx()); $xml .= "<cell><![CDATA[" . $entity . "]]></cell>"; } $xml .= "<cell><![CDATA[" . $policygrp->get_descr() . "]]></cell>"; $xml .= "</row>\n"; } $xml .= "</rows>\n"; echo $xml; $db->close();
//If the id is not empty, we are gonna edit a policy group, otherwise we're gonna create a new one if (!empty($id)) { if ($id == '00000000000000000000000000000000') { echo ossim_error(_("You cannot modify the default group."), AV_NOTICE); exit; } //retrieving policygroup info... $policy_groups = Policy_group::get_list($conn, '', " AND id=UNHEX('{$id}')"); if (!isset($policy_groups[0])) { exit; } $name = $policy_groups[0]->get_name(); $ctx = $policy_groups[0]->get_ctx(); $descr = $policy_groups[0]->get_descr(); if ($pro) { $ctx_name = Acl::get_entity_name($conn, $ctx); } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <title> <?php echo _("OSSIM Framework"); ?> </title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <meta http-equiv="Pragma" content="no-cache"/> <link rel="stylesheet" type="text/css" href="../style/av_common.css?t=<?php echo Util::get_css_id(); ?>
$icon = ' <img src="../pixmaps/user-business.png" align="absmiddle" alt="' . _('Admin') . '"/>'; } elseif (Session::is_pro() && Acl::is_proadmin($conn, $login)) { $icon = ' <img src="../pixmaps/user-gadmin.png" align="absmiddle" alt="' . _('Entity admin') . '"/>'; } $name = " <a style='font-weight:bold;' href=\"./user_form.php?login="******"\">" . $user->get_name() . "</a> "; $email = $user->get_email(); if (Session::is_pro()) { $entities = $user->get_ctx(); $companies = array(); foreach ($entities as $entity_id) { $parents = Acl::get_entity_parents($conn, $entity_id); $parents = array_reverse($parents); $parents[] = $entity_id; $ent_name = array(); foreach ($parents as $eid) { $ent_name[] = Acl::get_entity_name($conn, $eid); } $ent_name = implode('<strong> / </strong>', $ent_name); $companies[] = $ent_name; } $companies = implode(',<br>', $companies); } else { $company = utf8_encode($user->get_company()); $department = utf8_encode($user->get_department()); $companies = $department != '' && $company != '' ? $company . ' - ' . $department : $company; } $last_logon_try = $user->get_last_logon(); if (empty($last_logon_try) || $last_logon_try == '0000-00-00 00:00:00') { $last_logon_try = '-'; } $creation_date = $conn->GetOne("SELECT date FROM log_action WHERE info = 'Configuration - User " . $login . " created' ORDER BY date DESC");
?> <td><?php echo Incident::get_priority_in_html($priority); ?> </td> <td nowrap='nowrap'><?php echo $incident->get_date(); ?> </td> <td nowrap='nowrap'><?php echo $incident->get_life_time(); ?> </td> <?php if (preg_match("/pro|demo/i", $version) && valid_hex32($incident->get_in_charge())) { $in_charge_name = Acl::get_entity_name($conn, $incident->get_in_charge()); } else { $in_charge_name = $incident->get_in_charge_name($conn); } ?> <td><?php echo $in_charge_name; ?> </td> <?php $submitter = $incident->get_submitter(); $submitter_data = explode("/", $submitter); ?> <td><?php echo $submitter_data[0]; ?>
foreach ($repository_list as $doc) { $id_doc = $doc->get_id(); $date = $doc->get_date(); $atch = $doc->get_attach(); $rel = $doc->get_relationship(); $relevance = $doc->get_relevance(); $in_charge = $doc->get_in_charge(); $creator = $doc->get_creator(); /***** Title Column *****/ $title = "<a href='repository_document.php?id_document={$id_doc}&options=1' class='greyboxw' title='" . $doc->get_title() . "'>" . $doc->get_title() . "</a>"; /***** Owner Column *****/ $username_show = $in_charge; if ($in_charge == '0') { $username_show = _("All"); } elseif (Session::is_pro() && valid_hex32($in_charge) && $in_charge != '00000000000000000000000000000000') { $username_show = Acl::get_entity_name($conn, $in_charge); } /***** Attach Column *****/ $attached_docuemts = "\n\t\t<table align='center' class='transparent'>\n\t\t\t<tr>\n\t\t\t\t<td class='transparent'>"; if (count($atch) > 0) { $attached_docuemts .= "\n\t\t\t<div id='noti_Container'>\n\t\t\t\t<a href='repository_attachment.php?id_document={$id_doc}' class='greybox' title='" . _("Attachements for Document") . "'><img src='images/attach.gif' border=0></a>\n\t\t\t\t<div class='noti_bubble'><span>" . count($atch) . "</span></div>\n\t\t\t</div>"; } else { $attached_docuemts .= "<a href='repository_attachment.php?id_document={$id_doc}' class='greybox' title='" . _("Attachements for Document") . "'><img src='images/attach.gif' border=0 ></a>"; } $attached_docuemts .= "\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t</table>\n\t"; /***** Links Column *****/ $linked_docuemts = "\n\t\t<table align='center' class='transparent'>\n\t\t\t<tr>\n\t\t\t\t<td class='transparent'>"; if (count($rel) > 0) { $linked_docuemts .= "\n\t\t\t<div id='noti_Container'>\n\t\t\t\t<a href='repository_links.php?id_document={$id_doc}' class='greybox' title='" . _("Relationships for Document") . "'><img src='images/linked2.gif' border=0 ></a>\n\t\t\t\t<div class='noti_bubble'><span>" . count($rel) . "</span></div>\n\t\t\t</div>"; } else { $linked_docuemts .= "<a href='repository_links.php?id_document={$id_doc}' class='greybox' title='" . _("Relationships for Document") . "'><img src='images/linked2.gif' border=0 ></a>";
$in_charge = $ticket->get_in_charge(); $transferred = $ticket->get_transferred(); $creator = Session::get_list($conn, "WHERE login='******'"); $creator = count($creator) == 1 ? $creator[0] : FALSE; if ($pro && valid_hex32($in_charge)) { $in_charge_name = Acl::get_entity_name($conn, $in_charge); } else { $in_charge = Session::get_list($conn, "WHERE login='******'"); $in_charge = count($in_charge) == 1 ? $in_charge[0] : FALSE; $in_charge_name = format_user($in_charge); } $is_transferred = FALSE; if (!empty($transferred)) { $is_transferred = TRUE; if ($pro && valid_hex32($transferred)) { $transferred_name = Acl::get_entity_name($conn, $transferred); if ($transferred_name == _('Unknown entity')) { $is_transferred = FALSE; } } else { $transferred = Session::get_list($conn, "WHERE login='******'"); $transferred = count($transferred) == 1 ? $transferred[0] : FALSE; $transferred_name = format_user($transferred); } } $descrip = $ticket->get_description(); $action = $ticket->get_action(); $status = $ticket->get_status(); $prio = $ticket->get_priority(); $prio_str = Incident::get_priority_string($prio); $prio_box = Incident::get_priority_in_html($prio);