function jgraph_attack_graph($target, $hosts, $type = "Bar3D", $width = 450, $height = 250) { global $security_report; global $datapath; global $base_dir; global $date_from, $date_to; if (!strcmp($target, "ip_src")) { if (!($fp = @fopen("{$base_dir}/tmp/ip_src.xml", "w"))) { print "Error: <b>{$datapath}</b> directory must exists and be <br/>\n"; print "writable by the user the webserver runs as"; exit; } } else { if (!($fp = @fopen("{$base_dir}/tmp/ip_dst.xml", "w"))) { print "Error: <b>{$datapath}</b> directory must exists and be <br/>\n"; print "writable by the user the webserver runs as"; exit; } } fwrite($fp, "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\n" . "<CategoryDataset>\n <Series name=\"{$target}\">\n"); $list = $security_report->AttackHost($target, $hosts, "event", $date_from, $date_to); foreach ($list as $l) { $ip = $l[0]; $ctx = $l[2] != '' ? $l[2] : Session::get_default_ctx(); $occurrences = $l[1]; $_names_aux = Asset_host::get_name_by_ip($security_report->ossim_conn, $ip, $ctx); $hostname = array_shift($_names_aux); if (strlen($hostname) > MAX_HOSTNAME_LEN) { $hostname = $ip; } fwrite($fp, " <Item>\n <Key>{$hostname}</Key>\n <Value>{$occurrences}</Value>\n </Item>\n"); } fwrite($fp, " </Series>\n</CategoryDataset>\n\n"); fclose($fp); echo "\n<applet archive=\"../java/jcommon-0.9.5.jar,../java/jfreechart-0.9.20.jar,../java/jossim-graph.jar\" code=\"net.ossim.graph.applet.OssimGraphApplet\" width=\"{$width}\" height=\"{$height}\" alt=\"You should see an applet, not this text.\">\n <param name=\"graphType\" value=\"{$type}\">"; if (!strcmp($target, "ip_src")) { echo " <param name=\"xmlDataUrl\" value=\"{$datapath}/ip_src.xml\">"; } else { echo " <param name=\"xmlDataUrl\" value=\"{$datapath}/ip_dst.xml\">"; } echo "\n <param name=\"alpha\" value=\"0.42f\">\n <param name=\"legend\" value=\"false\">\n <param name=\"tooltips\" value=\"false\">\n <param name=\"orientation\" value=\"HORIZONTAL\">\n</applet>\n"; }
function print_form($import_type) { $config = array('networks' => array('contexts' => array('show_tree' => Session::show_entities(), 'default_value' => Session::get_default_ctx()), 'chk_iic' => array('show' => TRUE, 'checked' => FALSE), 'help' => array('Version 4.x.x' => array('format' => _('"Netname"*;"CIDRs(CIDR1,CIDR2,...)"*;"Description";"Asset value"*;"Net ID"'), 'example' => '"Net_1";"192.168.10.0/24,192.168.9.0/24";"' . _('Short description') . '";"2";"479D45C0BBF22B4458BD2F8EE09ECAC2"'), 'Version 3.x.x' => array('format' => _('"Netname"*;"CIDRs(CIDR1,CIDR2,...)"*;"Description";"Asset value";"Sensors(Sensor1,Sensor2,...)"*'), 'example' => '"Net_1";"192.168.10.0/24,192.168.9.0/24";"' . _('Short description') . '";"2";"192.168.10.2,192.168.10.3"'))), 'welcome_wizard_nets' => array('contexts' => array('show_tree' => FALSE, 'default_value' => Session::get_default_ctx()), 'chk_iic' => array('show' => FALSE, 'checked' => TRUE), 'help' => array('Version 4.x.x' => array('format' => _('"Netname"*;"CIDRs(CIDR1,CIDR2,...)"*;"Description"'), 'example' => '"Net_1";"192.168.10.0/24,192.168.9.0/24";"' . _('Short description') . '"')))); if (!array_key_exists($import_type, $config)) { echo ossim_error(_('Error! Import Type not found')); } else { ?> <div id='av_info'></div> <form name='form_csv' id='form_csv' method='POST' action='import_all_nets_ajax.php' enctype='multipart/form-data' target='iframe_upload'> <input type="hidden" name="ctx" id="ctx" value="<?php echo $config[$import_type]['contexts']['default_value']; ?> "/> <input type="hidden" name="import_type" id="import_type" value="<?php echo $import_type; ?> "/> <table id='form_container'> <?php //Context if ($config[$import_type]['contexts']['show_tree'] == TRUE) { ?> <tr class='left'> <td class="td_title"> <span><?php echo _('Select the Entity for the nets'); ?> :</span> </td> </tr> <tr> <td class='td_content'> <table id="t_tree"> <tr> <td class='noborder'> <div id="tree"></div> </td> </tr> <tr> <td id='td_es'> <span class='bold'><?php echo _('Entity selected'); ?> :</span> <span id="entity_selected"> - </span> </td> </tr> </table> </td> </tr> <?php } $top_class = $import_type == 'welcome_wizard_nets' ? 'td_top' : ''; //Input File ?> <tr> <td class='td_title <?php echo $top_class; ?> '> <span><?php echo _('Choose a CSV file'); ?> :</span> </td> </tr> <tr> <td class='td_content'> <input name='file_csv' id='file_csv' type='file' size='38'/> <?php if ($config[$import_type]['chk_iic']['show'] == TRUE) { $checked_iic = $config[$import_type]['chk_iic']['checked'] == TRUE ? 'checked="checked"' : ''; ?> <span class='ignore_span'> <input type='checkbox' name='iic' id='iic' <?php echo $checked_iic; ?> value='1'/> <label for='iic' style='margin-left: 2px;'><?php echo _('Ignore invalid characters'); ?> </label> </span> <?php } else { $chk_iic_value = $config[$import_type]['chk_iic']['checked'] == TRUE ? '1' : '0'; ?> <input type='hidden' name='iic' id='iic' value="<?php echo $chk_iic_value; ?> "/> <?php } ?> </td> </tr> <tr> <td class='td_content'> <div id='c_send'> <input type='button' name='send' id='send' value='<?php echo _('Import'); ?> '/> </div> </td> </tr> <tr> <td class='td_title'> <span><?php echo _('Formats allowed'); ?> :</span> </td> </tr> <tr> <td class='td_content'> <table id='t_format'> <?php //Help foreach ($config[$import_type]['help'] as $version => $help_data) { ?> <tr> <td class='td_version'> <?php echo $version; ?> : </td> </tr> <tr> <td class='td_format'> <?php echo $help_data['format']; ?> </td> </tr> <tr> <td class='td_example'> <?php echo $help_data['example']; ?> </td> </tr> <?php } ?> </table> </td> </tr> <tr> <td class='td_title'> <span><?php echo _('Notes'); ?> :</span> </td> </tr> <tr> <td class='td_content'> <ul id='note_list'> <li><?php echo _('Characters allowed: A-Z, a-z, 0-9, ., :, _ and -'); ?> </li> <li><?php echo _('Values marked with (*) are mandatory'); ?> </li> </ul> </td> </tr> </table> <div id='c_resume'></div> <iframe name="iframe_upload" id="iframe_upload" style="display:none;"></iframe> </form> <?php } }
if (Session::is_pro()) { if (!valid_hex32($ctx) || Acl::entityAllowed($ctx) < 1) { $msg_error = empty($ctx) ? _('You must select an entity') : _('Entity not allowed'); ?> <script type='text/javascript'> parent.show_error('<?php echo $msg_error; ?> '); </script> <?php exit; } } else { $ctx = Session::get_default_ctx(); } if (!empty($_FILES['file_csv']['name'])) { if ($_FILES['file_csv']['error'] > 0) { $msg_error = _('Unable to upload file. Return Code') . ': ' . $_FILES['file_csv']['error']; } else { if (!is_allowed_format($_FILES['file_csv']['type'])) { $msg_error = _('File type \'' . $_FILES['file_csv']['type'] . '\' not allowed'); } elseif (@move_uploaded_file($_FILES['file_csv']['tmp_name'], $file_csv) == FALSE) { $msg_error = empty($msg_error) ? _('Unable to upload file') : $msg_error; } } } else { $msg_error = _('Filename is empty'); } if (!empty($msg_error)) {
<tr> <td class="noborder" id='td_delete'> <input type="button" value=" [X] " onclick="deletefrom('entities')" class="small"/> </td> </tr> <?php } ?> </table> </td> </tr> <?php } else { ?> <input type="hidden" name="entities[]" id="entities" class='vfield' value="<?php echo Session::get_default_ctx(); ?> "/> <input type="hidden" name="num_entities_check" id="num_entities_check" value="<?php if (!Session::is_pro()) { echo "1"; } ?> "/> <?php } } ?> <tr> <th> <label for='priority'><?php
"/> </head> <body> <?php if (POST('insert')) { if ($data['status'] == 'error') { $txt_error = "<div>" . _("We Found the following errors") . ":</div>\n \t\t\t\t\t <div style='padding: 2px 10px 5px 10px;'>" . implode("<br/>", $data['data']) . "</div>"; $config_nt = array('content' => $txt_error, 'options' => array('type' => 'nf_error', 'cancel_button' => FALSE), 'style' => 'width: 80%; margin: 20px auto; text-align: left;'); $nt = new Notification('nt_1', $config_nt); $nt->show(); Util::make_form("POST", "newserverform.php"); $db->close(); exit; } if (!Session::hostAllowed_by_ip_ctx($conn, $ip, Session::get_default_ctx())) { $db->close(); die(ossim_error(_("You don't have permission to create a new server with this IP Address"))); } // Try to attach a new server $client = new Alienvault_client(); $response = $client->system()->set_component($ip, $rpass); $return = @json_decode($response, TRUE); if (!$return || $return['status'] == 'error') { $config_nt = array('content' => $return['message'], 'options' => array('type' => 'nf_error', 'cancel_button' => FALSE), 'style' => 'width: 80%; margin: 20px auto; text-align:center;'); $nt = new Notification('nt_1', $config_nt); $nt->show(); Util::make_form("POST", "newserverform.php"); $db->close(); exit; } else {
<tr> <td style="width:80mm;" valign="top"> <table style="width:80mm; padding-top: 10px; padding-bottom: 10px;"> <tr> <th>' . gettext("Host") . '</th> <th class="center">' . gettext("Occurrences") . '</th> </tr>'); $c = 0; $shared_file = $dDB["_shared"]->dbfile(); $dDB["_shared"]->put("SS_AttackedHost" . $runorder, $list); $font_size = getFontSizeSIEM($list); foreach ($list as $l) { $ip = $l[0]; $occurrences = number_format($l[1], 0, ",", "."); $host_id = $l[2]; $ctx = $l[3] != '' ? $l[3] : Session::get_default_ctx(); $host_output = Asset_host::get_extended_name($security_report->ossim_conn, $geoloc, $ip, $ctx, $host_id); $os_pixmap = $host_id != "" ? Asset_host_properties::get_os_by_host($security_report->ossim_conn, $host_id) : ""; $hostname = $host_id != "" ? $host_output['name'] : $ip; $icon = $host_output['html_icon']; $link = "{$acid_link}/" . $acid_prefix . "_stat_alerts.php?&" . "num_result_rows=-1&" . "submit=Query+DB&" . "current_view=-1&" . "ip_addr[0][1]={$target}&" . "ip_addr[0][2]==&" . "ip_addr[0][3]={$ip}&" . "ip_addr_cnt=1&" . "sort_order=time_d"; $bc = $c++ % 2 != 0 ? "class='par'" : ""; $htmlPdfReport->set(' <tr ' . $bc . '> <td style="width:55mm;font-size:' . $font_size . 'px">' . $icon . ' ' . Util::wordwrap($hostname, 21, " ", true) . ' ' . $os_pixmap . '</td> <td style="width:22mm;text-align:center;font-size:' . $font_size . 'px">' . $occurrences . '</td> </tr>'); } $htmlPdfReport->set(' </table> </td>
asort($entities); $ctx_pro = array_shift(array_keys($entities)); return array($entities, $ctx_pro); } $db = new ossim_db(); $conn = $db->connect(); $pro = Session::is_pro(); $avmssp = true; //intval($conf->get_conf("alienvault_mssp", FALSE)); $contexts = array(); $engines = array(); $ctx_prev = ''; if ($pro) { list($entities, $ctx_prev) = get_policy_entities($conn, $ctx_pro); } else { $ctx_prev = Session::get_default_ctx(); $entities[$ctx_prev] = Session::get_entity_name($conn, $ctx_prev); } $ctx = GET("ctx") != "" ? GET("ctx") : $_SESSION['policy_ctx']; $reorder = GET("reorder"); if (empty($ctx)) { $ctx = $ctx_prev; } ossim_valid($ctx, OSS_HEX, 'illegal:' . _("ctx")); ossim_valid($reorder, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("Policy Option")); if (ossim_error()) { die(ossim_error()); } $_SESSION['policy_ctx'] = $ctx; $conf = $GLOBALS["CONF"]; $server_logger_if_priority = is_null($conf->get_conf("server_logger_if_priority", false)) ? 0 : $conf->get_conf("server_logger_if_priority");
/* Check for a NULL IP which indicates an event (e.g. portscan) * which has no IP */ if ($no_ip) { qroPrintEntry(gettext("unknown")); qroPrintEntry(gettext("N/A"), "center", "middle"); } else { $geo_info = Asset_host::get_extended_location($_conn, $geoloc, $currentIP); if ($geo_info['html_icon'] != '') { $country_img = $geo_info['html_icon'] . ' '; $slnk = $current_url . preg_replace("/.*src\\='\\/ossim([^']+)'.*/", "\\1", $country_img); } else { $country_img = ""; $slnk = ""; } $div = '<div id="' . $currentIP . ';' . $currentIP . ';' . $host_id . '" ctx="' . (Session::show_entities() ? $ctx : Session::get_default_ctx()) . '" class="HostReportMenu" style="padding:0px 0px 0px 25px">'; //'.getrepbgcolor($prio,1).' $bdiv = '</div>'; qroPrintEntry($div . $country_img . " " . BuildAddressLink($currentIP, 32) . $currentIP . '</A> ' . $bdiv, 'left', '', 'nowrap'); qroPrintEntry(getrepimg($prio, $rel, $act, $currentIP), "center", "middle"); } if ($resolve_IP == 1) { qroPrintEntry(' ' . baseGetHostByAddr($currentIP, $ctx, $db) . ' '); } /* Print # of Occurances */ $tmp_iplookup = 'base_qry_main.php?num_result_rows=-1' . '&submit=' . gettext("Query DB") . '&current_view=-1'; $tmp_iplookup2 = 'base_stat_alerts.php?num_result_rows=-1' . '&submit=' . gettext("Query DB") . '&current_view=-1&sort_order=occur_d'; if ($addr_type == 1) { if ($no_ip) { $url_criteria = BuildSrcIPFormVars(NULL_IP); } else {
function print_form($import_type) { $config = array('hosts' => array('contexts' => array('show_tree' => Session::show_entities(), 'default_value' => Session::get_default_ctx()), 'chk_iic' => array('show' => TRUE, 'checked' => FALSE), 'help' => array('Version 4.x.x, 5.x.x' => array('format' => _('"IPs(IP1,IP2,...)";"Hostname";"FQDNs(FQDN1,FQDN2,...)";"Description";"Asset Value";"Operating System";"Latitude";"Longitude";"Asset ID";"External Asset";"Device Types(Type1,Type2,...)"'), 'header' => '"IPs";"Hostname";"FQDNs";"Description";"Asset Value";"Operating System";"Latitude";"Longitude";"Asset ID";"External Asset";"Device Type"', 'example' => '"192.168.10.3";"Host-1";"www.example-1.es,www.example-2.es";"' . _('Short description') . '";"2";"Windows";"23.78";"121.45";"379D45C0BBF22B4458BD2F8EE09ECCC2";0;"Server:Mail Server"'), 'Version 3.x.x' => array('format' => _('"IP";"Hostname";"FQDNs(FQDN1,FQDN2,...)";"Description";"Asset Value";"Sensors(Sensor1,Sensor2,...)";"Operating System";"Latitude";"Longitude"'), 'header' => '"IP";"Hostname";"FQDNs";"Description";"Asset Value";"Sensors";"Operating System";"Latitude";"Longitude"', 'example' => '"192.168.10.3";"Host-1";"www.example-1.es,www.example-2.es";"' . _('Short description') . '";"2";"192.168.10.2,192.168.10.3";"Windows";"23.78";"121.45"'))), 'welcome_wizard_hosts' => array('contexts' => array('show_tree' => FALSE, 'default_value' => Session::get_default_ctx()), 'chk_iic' => array('show' => FALSE, 'checked' => TRUE), 'help' => array('Version 4.x.x or higher' => array('format' => _('"IPs(IP1,IP2,...)";"Hostname";"Description";"Operating System";"Device Type(Type1,Type2,...)"'), 'header' => _('"IPs";"Hostname";"Description";"Operating System";"Device Type"'), 'example' => '"192.168.10.3";"Host-1";"' . _('Short description') . '";"Windows";"Server,Network Device"')))); $paths = Asset::get_path_url(FALSE); $form_action = $paths['asset']['controllers'] . 'import_all_hosts_ajax.php'; if (!array_key_exists($import_type, $config)) { echo ossim_error(_('Error! Import Type not found')); } else { ?> <div id='av_info'></div> <form name='form_csv' id='form_csv' method='POST' action='<?php echo $form_action; ?> ' enctype='multipart/form-data' target='iframe_upload'> <input type="hidden" name="ctx" id="ctx" value="<?php echo $config[$import_type]['contexts']['default_value']; ?> "/> <input type="hidden" name="import_type" id="import_type" value="<?php echo $import_type; ?> "/> <table id='form_container'> <?php //Context if ($config[$import_type]['contexts']['show_tree'] == TRUE) { ?> <tr class='left'> <td class="td_title"> <span><?php echo _('Select the Entity for the assets'); ?> :</span> </td> </tr> <tr> <td class='td_content'> <table id="t_tree"> <tr> <td class='noborder'> <div id="tree"></div> </td> </tr> <tr> <td id='td_es'> <span class='bold'><?php echo _('Entity selected'); ?> :</span> <span id="entity_selected"> - </span> </td> </tr> </table> </td> </tr> <?php } //Input File ?> <tr> <td class='td_title'> <span><?php echo _('Choose a CSV file'); ?> :</span> </td> </tr> <tr> <td class='td_content'> <input name='file_csv' id='file_csv' type='file' size='38'/> <?php if ($config[$import_type]['chk_iic']['show'] == TRUE) { $checked_iic = $config[$import_type]['chk_iic']['checked'] == TRUE ? 'checked="checked"' : ''; ?> <span class='ignore_span'> <input type='checkbox' name='iic' id='iic' <?php echo $checked_iic; ?> value='1'/> <label for='iic' style='margin-left: 2px;'><?php echo _('Ignore invalid characters (Hostnames)'); ?> </label> </span> <?php } else { $chk_iic_value = $config[$import_type]['chk_iic']['checked'] == TRUE ? '1' : '0'; ?> <input type='hidden' name='iic' id='iic' value="<?php echo $chk_iic_value; ?> "/> <?php } ?> </td> </tr> <tr> <td class='td_content'> <div id='c_send'> <input type='button' name='send' id='send' value='<?php echo _('Import'); ?> '/> </div> </td> </tr> <tr> <td class='td_title'> <span><?php echo _('Formats allowed'); ?> :</span> </td> </tr> <tr> <td class='td_content'> <table id='t_format'> <?php //Help foreach ($config[$import_type]['help'] as $version => $help_data) { ?> <tr> <td class='td_version'> <?php echo $version; ?> : </td> </tr> <tr> <td class='td_format'> <strong><?php echo _('Format'); ?> :</strong> <?php echo $help_data['format']; ?> </td> </tr> <tr> <td class='td_header'> <strong><?php echo _('Header'); ?> :</strong> <?php echo $help_data['header']; ?> </td> </tr> <tr> <td class='td_example'> <strong><?php echo _('Example'); ?> :</strong> <?php echo $help_data['example']; ?> </td> </tr> <tr> <td></td> </tr> <?php } ?> </table> </td> </tr> <tr> <td class='td_title'> <span><?php echo _('Notes'); ?> :</span> </td> </tr> <tr> <td class='td_content'> <ul id='note_list'> <li><?php echo _('IP address and sensor fields cannot be empty'); ?> </li> <li><?php echo _('Hostname syntax defined by RFC 1123'); ?> </li> <?php if ($import_type == 'hosts') { ?> <li><?php echo _('FQDN syntax defined by RFC 1035, RFC 1123 and RFC 2181'); ?> </li> <li> <span><?php echo _('Valid Operating System values'); ?> :</span> <div style='padding-left: 10px; font-style: italic;'> Windows, Linux, FreeBSD, NetBSD, OpenBSD, MacOS, Solaris, Cisco, AIX,HP-UX, Tru64, IRIX, BSD/OS, SunOS, Plan9 <?php echo _('or'); ?> IPhone </div> </li> <?php } else { ?> <li> <span><?php echo _('Valid Operating System values'); ?> :</span> <span class='italic'>Windows <?php echo _('or'); ?> Linux</span> </li> <li> <span><?php echo _('Valid Device Types'); ?> :</span> <span class='italic'>Server <?php echo _('or'); ?> Network Device</span> </li> <?php } ?> </ul> </td> </tr> </table> <div id='c_resume'></div> <iframe name="iframe_upload" id="iframe_upload" style='display:none;'></iframe> </form> <?php } }
</div> <form name='ng_form' id='ng_form' method="POST" action="<?php echo $action; ?> "> <input type="hidden" name="id" id="id" class='vfield' value="<?php echo $id; ?> "/> <input type="hidden" name="insert" value="insert"/> <input type="hidden" name="rrd_profile" value=""/> <?php $ctx = Session::show_entities() ? $ctx : Session::get_default_ctx(); ?> <input type="hidden" name="ctx" id="ctx" value="<?php echo $ctx; ?> " class="vfield"/> <table align="center" id='table_form'> <tr> <th><label for='ngname'><?php echo _('Name') . required(); ?> </label></th> <td class="left"><input type='text' name='ngname' id='ngname' class='vfield' value="<?php echo $ngname; ?>
function save_filter($conn, $filters, $data) { //Getting the number of filters to be applied of the group $cont = $filters->get_num_filter_added(); //We need at least one, otherwise we show an error. if ($cont < 1) { $return['error'] = TRUE; $return['msg'] = _('At least one filter needed'); return $return; } $name = utf8_decode($data['name']); $descr = utf8_decode($data['descr']); ossim_valid($name, OSS_NOECHARS, OSS_ALPHA, OSS_PUNC, 'illegal:' . _('Group Name')); ossim_valid($descr, OSS_ALPHA, OSS_NULLABLE, OSS_PUNC, OSS_AT, OSS_NL, 'illegal:' . _('Description')); if (ossim_error()) { $response['error'] = TRUE; $response['msg'] = ossim_get_error(); ossim_clean_error(); return $response; } //Trying to save the filters, in case of error an exception will arise try { $new_id = Util::uuid(); $ctx = Session::get_default_ctx(); $group = new Asset_group($new_id); $group->set_name($name); $group->set_descr($descr); $group->set_ctx($ctx); $group->save_in_db($conn); $group->save_assets_from_search($conn); $filters->empty_filter_search($conn); $return['error'] = FALSE; $return['id'] = $new_id; $return['msg'] = 'ok'; Asset_filter_list::delete_filters_from_session(); } catch (Exception $e) { $return['error'] = TRUE; $return['msg'] = $e->getMessage(); } return $return; }
//Asset Type $asset_type = REQUEST('asset_type'); //Database connection $db = new ossim_db(); $conn = $db->connect(); if ($edition_type == 'single') { // Single edition $id = GET('id'); $_ip = GET('ip'); $_ctx = GET('ctx'); //Getting host by IP and CTX if (empty($id) && !empty($_ctx) && !empty($_ip)) { $entity_type = Session::get_entity_type($conn, $_ctx); $entity_type = strtolower($entity_type); //Sometimes CTX is an engine instead of context $_ctx = $entity_type == 'context' ? $_ctx : Session::get_default_ctx(); if (Asset_host_ips::valid_ip($_ip) && valid_hex32($_ctx)) { $aux_ids = Asset_host::get_id_by_ips($conn, $_ip, $_ctx); $aux_id = key($aux_ids); if (Asset_host::is_in_db($conn, $aux_id)) { $id = $aux_id; } } else { unset($_ip); unset($_ctx); } } if (!empty($id) && Asset_host::is_in_db($conn, $id)) { ossim_valid($id, OSS_HEX, 'illegal:' . _('Asset ID')); if (ossim_error()) { echo ossim_error(_('Error! Asset not found'));
function get_subcategories($conn, $data) { $ctx = empty($data['ctx']) ? Session::get_default_ctx() : $data['ctx']; $id = $data['id']; ossim_valid($ctx, OSS_HEX, 'illegal:' . _("CTX")); ossim_valid($id, OSS_HEX, OSS_NULLABLE, 'illegal:' . _("Category ID")); if (ossim_error()) { $info_error = "Error: " . ossim_get_error(); ossim_clean_error(); $return['error'] = TRUE; $return['msg'] = $info_error; return $return; } $result = "<option value='0' selected='selected'>" . _("ANY") . "</option>"; $query = "SELECT id, name FROM subcategory where cat_id = ?"; $params = array($id); if (!($rs =& $conn->Execute($query, $params))) { $return['error'] = TRUE; $return['msg'] = $conn->ErrorMsg(); return $return; } else { while (!$rs->EOF) { $result .= "<option value='" . $rs->fields["id"] . "'>" . $rs->fields["name"] . "</option>\n"; $rs->MoveNext(); } } $return['error'] = FALSE; $return['data'] = $result; return $return; }