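/**
 * Update a vulnerability scan profile and the settings that hang off it.
 *
 * Steps, in order:
 *  1. rewrite the profile row in vuln_nessus_settings;
 *  2. apply every "f_<id>" / "c_<id>" field found in $_POST to
 *     vuln_nessus_settings_family / vuln_nessus_settings_category;
 *  3. when $sautoenable is "C" or "F", re-derive the enabled flag of the
 *     profile's plugins from the category / family status (4 => 'N', 1 => 'Y');
 *  4. emit a JavaScript redirect to the profile list and call edit_profile().
 *
 * Security notes:
 *  - Every value reaches the database as a bound parameter, and every value used
 *    in a numeric position is first validated or cast to int. No argument and no
 *    $_POST field is interpolated into SQL text.
 *  - Assumes $dbconn is an ADOdb-style connection whose Execute() takes the bind
 *    values as its second argument - confirm against the connection class.
 *  - If callers already SQL-escape $sname / $sdescription before calling, that
 *    escaping must be dropped, otherwise the stored text is escaped twice.
 *  - NOTE(review): this function performs no authorization. An owner/admin check
 *    on vuln_nessus_settings.owner used to be here but was commented out, so the
 *    caller must verify that the current user may modify profile $sid.
 *
 * @param mixed  $sid             Id of the vuln_nessus_settings row; coerced to int.
 * @param string $sname           Stored in the name column.
 * @param string $sdescription    Stored in the description column.
 * @param mixed  $stype           Truthy => type "G" (global), otherwise "" (private).
 *                                Its raw value is also written to the owner column.
 * @param string $sautoenable     Stored in autoenable; "C" / "F" trigger step 3.
 * @param mixed  $auto_cat_status Stored in auto_cat_status; coerced to int.
 * @param mixed  $auto_fam_status Stored in auto_fam_status; coerced to int.
 * @param mixed  $tracker         "on" sets update_host_tracker to 1, anything else 0.
 *
 * @return void
 */
function update_profile($sid, $sname, $sdescription, $stype, $sautoenable, $auto_cat_status, $auto_fam_status, $tracker)
{
    global $dbconn;

    // NOTE(review): the owner column is filled from the raw $stype argument, taken
    // before it is reduced to "G"/"" below - confirm this is really intended.
    $username = $stype;

    // The profile id is used in numeric SQL positions and handed on to other
    // routines, so pin it to an integer once, up front.
    $sid = (int) $sid;

    // "G" is global, blank is a private scan profile
    $profile_type = ($stype == TRUE) ? "G" : "";
    $host_tracker = ($tracker == "on") ? 1 : 0;

    $dbconn->Execute(
        "update vuln_nessus_settings
            set name = ?, description = ?,
                type = ?, autoenable = ?,
                auto_cat_status = ?,
                auto_fam_status = ?,
                update_host_tracker = ?,
                owner = ?
          where id = ?",
        array(
            (string) $sname,
            (string) $sdescription,
            $profile_type,
            (string) $sautoenable,
            (int) $auto_cat_status,
            (int) $auto_fam_status,
            $host_tracker,
            (string) $username,
            $sid,
        )
    );

    // Per-family ("f_<fid>") and per-category ("c_<cid>") status fields of the form.
    // Both the id taken from the field name and the submitted status must be plain
    // integers; anything else is skipped instead of being passed to the database.
    foreach ($_POST as $field => $raw) {
        $field  = (string) $field;
        $prefix = substr($field, 0, 2);
        if ($prefix !== "f_" && $prefix !== "c_") {
            continue;
        }

        $item_id = (string) substr($field, 2);
        $status  = is_scalar($raw) ? trim((string) $raw) : "";
        if (!preg_match('/^[0-9]+$/D', $item_id) || !preg_match('/^-?[0-9]+$/D', $status)) {
            continue;
        }

        if ($prefix === "f_") {
            $sql = "update vuln_nessus_settings_family set status = ? where sid = ? and fid = ?";
        } else {
            $sql = "update vuln_nessus_settings_category set status = ? where sid = ? and cid = ?";
        }
        $dbconn->Execute($sql, array((int) $status, $sid, (int) $item_id));
    }

    // Pick the status source and the plugin column it drives.
    // NOTE(review): both selects list a second table (t2) without a join condition,
    // so rows presumably repeat; kept as found because the updates are idempotent.
    $select = null;
    $update = null;
    if ($sautoenable == "C") {
        $select = "select t1.cid, t1.status from vuln_nessus_settings_category as t1, vuln_nessus_category as t2 where sid = ?";
        $update = "update vuln_nessus_settings_plugins set enabled = ? where category = ? and sid = ?";
    } elseif ($sautoenable == "F") {
        $select = "select t1.fid, t1.status from vuln_nessus_settings_family as t1, vuln_nessus_family as t2 where sid = ?";
        $update = "update vuln_nessus_settings_plugins set enabled = ? where family = ? and sid = ?";
    }

    if ($select !== null) {
        $rows = $dbconn->Execute($select, array($sid));
        // Guard against a failed select so the loop never dereferences a non-object.
        while ($rows && !$rows->EOF) {
            list($group_id, $group_status) = $rows->fields;
            if ($group_status == 4) {
                $dbconn->Execute($update, array('N', (int) $group_id, $sid));
            } elseif ($group_status == 1) {
                $dbconn->Execute($update, array('Y', (int) $group_id, $sid));
            }
            $rows->MoveNext();
        }
    }

    // Static redirect back to the profile list; no request data is echoed here.
    ?>
<script type="text/javascript">
        //<![CDATA[
        document.location.href='settings.php?hmenu=Vulnerabilities&smenu=ScanProfiles';
       //]]>
      </script><?php 
    // NOTE(review): $nessus_path is neither a parameter nor declared global in this
    // function, so as written the pattern is tested against an undefined variable
    // and the OMP branch does not run - confirm where the path should come from.
    if (preg_match("/omp\\s*\$/i", $nessus_path)) {
        $omp = new OMP();
        $omp->set_plugins_by_family($sid);
    }
    edit_profile($sid);
}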