function get_ip_reputation_summary() { $data = POST('data'); $type = intval($data['type']); //Initialization of Vars $ips = array(); $top = array(); $chart = array(); $total = 0; $date = _('Unknown'); $Reputation = new Reputation(); if ($Reputation->existReputation()) { list($ips, $cou, $order, $total) = $Reputation->get_data($type, 'All'); session_write_close(); //Getting IPs by Country $cou = array_splice($cou, 0, 10); foreach ($cou as $c => $value) { $info = explode(";", $c); $flag = ''; if ($info[1] != '') { $flag = "<img src='/ossim/pixmaps/" . ($info[1] == "1x1" ? "" : "flags/") . strtolower($info[1]) . ".png'>"; } $top[] = array('flag' => $flag, 'name' => $info[0], 'occurrences' => Util::number_format_locale($value, 0)); } //Getting IPs by Activity $order = array_splice($order, 0, 10); foreach ($order as $type => $ocurrences) { $chart[] = array($type . ' [' . Util::number_format_locale($ocurrences, 0) . ']', $ocurrences); } //Getting total of IPs $total = Util::number_format_locale($total, 0); //Getting Date of the last Update. $date = gmdate("Y-m-d H:i:s", filemtime($Reputation->rep_file) + 3600 * Util::get_timezone()); } return array('ips' => $ips, 'top_countries' => $top, 'ip_by_activity' => $chart, 'total' => $total, 'last_updated' => $date); }
</td></tr> <tr> <td style="height:106px" align="center"> <div id="graph2" style="text-align:center;margin:0px;height:104px;width:98%"></div> </td> </tr> <script language="javascript" type="text/javascript"> $( function () { $.plot($("#graph2"), [ <?php $i = 0; foreach ($list2 as $l) { $ip = $l[0]; $occurrences = Util::number_format_locale($l[1], 0); $hostname = Host::ip2hostname($conn, $ip); $os_pixmap = Host_os::get_os_pixmap($conn, $ip); $label = str_replace("'", "\\'", "[<b>{$occurrences}</b>] {$hostname} {$os_pixmap}"); //if (strlen($label)>31) $label = substr($label, 0, 30).".."; ?> <?php echo $i++ == 0 ? "" : ","; ?> { label: '<?php echo $label; ?> ', data: <?php echo $l[1]; ?> }
if ($country) { $country_img = " <img src=\"/ossim/pixmaps/flags/" . $country . ".png\" alt=\"{$country_name}\" title=\"{$country_name}\">"; $slnk = $current_url . "/pixmaps/flags/" . $country . ".png"; } else { $country_img = ""; $slnk = ""; } /* Print out */ qroPrintEntryHeader($i); $tmp_rowid = $device_id; echo ' <TD><INPUT TYPE="checkbox" NAME="action_chk_lst[' . $i . ']" VALUE="' . $tmp_rowid . '">'; echo ' <INPUT TYPE="hidden" NAME="action_lst[' . $i . ']" VALUE="' . $tmp_rowid . '"></TD>'; qroPrintEntry($sensor_ip, 'center', 'middle'); qroPrintEntry($sname . $country_img . $homelan, 'center', 'middle'); qroPrintEntry($device_ip, 'center', 'middle'); qroPrintEntry('<A HREF="base_qry_main.php?new=1&sensor=' . $device_id . '&num_result_rows=-1&submit=' . gettext("Query DB") . '">' . Util::number_format_locale($event_cnt, 0) . '</A>', 'center', 'middle'); qroPrintEntry('<div id="ua' . $device_id . '" class="sens">' . $unique_event_cnt . '</div>', 'center', 'middle', 'nowrap'); qroPrintEntry('<div id="sa' . $device_id . '">' . $num_src_ip . '</div>', 'center', 'middle', 'nowrap'); qroPrintEntry('<div id="da' . $device_id . '">' . $num_dst_ip . '</div>', 'center', 'middle', 'nowrap'); /*qroPrintEntry(BuildUniqueAlertLink("?sensor=" . $device_id) . $unique_event_cnt . '</A>'); qroPrintEntry(BuildUniqueAddressLink(1, "&sensor=" . $device_id) . $num_src_ip . '</A>'); qroPrintEntry(BuildUniqueAddressLink(2, "&sensor=" . $device_id) . $num_dst_ip . '</A>');*/ qroPrintEntryFooter(); $i++; // report_data $report_data[] = array($sname, $slnk, $num_src_ip, $num_dst_ip, "", "", $sensor_ip, $device_ip, "", "", "", 0, $event_cnt, $unique_event_cnt); } $result->baseFreeRows(); $dbo->close($_conn); $qro->PrintFooter(); $qs->PrintBrowseButtons();
$report_data = array(); // data to fill report_data if (is_array($_SESSION["server"]) && $_SESSION["server"][0] != "") { $_conn = $dbo->custom_connect($_SESSION["server"][0], $_SESSION["server"][2], $_SESSION["server"][3]); } else { $_conn = $dbo->connect(); } while (($myrow = $result->baseFetchRow()) && $i < $qs->GetDisplayRowCnt()) { $ctx = $myrow["ctx"]; $product_type = GetSourceType($myrow["product_type"], $db); $total_occurances = $myrow["events"]; $urlp = "base_qry_main.php?new=1&submit=" . gettext("Query DB") . "&sourcetype=" . urlencode($myrow["product_type"]); //$urlp = "base_stat_ptypes.php?sort=occur_d&sourcetype=".urlencode($myrow["product_type"]); qroPrintEntryHeader($i); qroPrintEntry('  <a href="' . $urlp . '">' . $product_type . '</a>', 'left', "", "nowrap"); qroPrintEntry(' <a href="' . $urlp . '">' . Util::number_format_locale($total_occurances, 0) . '</a>', "center", "", ""); qroPrintEntry(Session::show_entities() && !empty($entities[$ctx]) ? $entities[$ctx] : (Session::show_entities() ? _("Unknown") : GetSensorName($ctx, $db)), "center", "", ""); qroPrintEntry(" <A class='usig' id='sg" . $myrow["product_type"] . "-{$ctx}' HREF='{$urlp}'>-</a>", "left", "", ""); qroPrintEntry("<div id='ts" . $myrow["product_type"] . "-{$ctx}'>-</div>", "center", "", "nowrap"); qroPrintEntryFooter(); $i++; $prev_time = null; } $result->baseFreeRows(); $dbo->close($_conn); $qro->PrintFooter(); $qs->PrintBrowseButtons(); $qs->PrintAlertActionButtons(); $qs->SaveState(); echo "\n</FORM>\n"; PrintBASESubFooter();
** (see the file 'base_main.php' for license details) ** ** Built upon work by Roman Danyliw <*****@*****.**>, <*****@*****.**> ** Built upon work by the BASE Project Team <*****@*****.**> */ require "base_conf.php"; require "vars_session.php"; require_once 'classes/Util.inc'; require "{$BASE_path}/includes/base_constants.inc.php"; require "{$BASE_path}/includes/base_include.inc.php"; include_once "{$BASE_path}/base_db_common.php"; include_once "{$BASE_path}/base_qry_common.php"; include_once "{$BASE_path}/base_stat_common.php"; if ($_SESSION['_siem_sensor_query'] == "") { echo "-##-##-"; die; } $device_id = ImportHTTPVar("id", VAR_DIGIT); $sql = str_replace("DEVICEID", $device_id, $_SESSION['_siem_sensor_query']); session_write_close(); $qs = new QueryState(); $db = NewBASEDBConnection($DBlib_path, $DBtype); $db->baseDBConnect($db_connect_method, $alert_dbname, $alert_host, $alert_port, $alert_user, $alert_password); $rs = $qs->ExecuteOutputQueryNoCanned($sql, $db); if ($row = $rs->baseFetchRow()) { $unique_addrs = BuildUniqueAlertLink("?sensor=" . urlencode($device_id)) . Util::number_format_locale($row[0], 0) . '</A>'; $src_addrs = BuildUniqueAddressLink(1, "&sensor=" . urlencode($device_id)) . Util::number_format_locale($row[1], 0) . '</A>'; $dst_addrs = BuildUniqueAddressLink(2, "&sensor=" . urlencode($device_id)) . Util::number_format_locale($row[2], 0) . '</A>'; } $rs->baseFreeRows(); echo "{$unique_addrs}##{$src_addrs}##{$dst_addrs}";
function PrintTimeProfile($time) { global $cnt, $label_lst, $value_lst, $value_POST_lst; $time_str = "&time_range=day"; /* find max value */ $max_cnt = $value_lst[0]; for ($i = 0; $i < $cnt; $i++) { if ($value_lst[$i] > $max_cnt) { $max_cnt = $value_lst[$i]; } } echo '<TABLE BORDER=0 WIDTH="100%"> <TR><TD CLASS="header" width="25%">' . gettext("Time") . '</TD> <TD CLASS="header" width="15%"># ' . gettext("of events") . '</TD> <TD CLASS="header">' . gettext("Event") . '</TD></TR>'; $total = 0; for ($i = 0; $i < $cnt; $i++) { if ($value_lst[$i] == 0) { $entry_width = 0; } else { $entry_width = round($value_lst[$i] / $max_cnt * 100); } $total += $value_lst[$i]; $cc = $i % 2 == 0 ? "#eeeeee" : "#ffffff"; //if ($entry_width > 0) $entry_color = "#BF8385"; if ($entry_width > 0) { $entry_color = "#84C973"; } else { $entry_color = $cc; } echo '<TR bgcolor="' . $cc . '"> <TD ALIGN=CENTER>'; if ($value_lst[$i] == 0) { echo $label_lst[$i]; } else { // Hourly if (preg_match("/(\\d\\d)\\/(\\d\\d)\\/(\\d\\d\\d\\d) (\\d\\d):(\\d\\d):(\\d\\d) - (\\d\\d):(\\d\\d):(\\d\\d)/", $label_lst[$i], $found)) { //$time_str = "&time[0][1]=%3E%3D&time[0][2]=".$found[2]."&time[0][3]=".$found[1]."&time[0][4]=".$found[3]."&time[0][5]=".$found[4]."&time[0][6]=".$found[5]."&time[0][7]=".$found[6]."&time[1][0]=&time[1][1]=%3E%3D&time[1][2]=".$found[2]."&time[1][3]=".$found[1]."&time[1][4]=".$found[3]."&time[1][5]=".$found[7]."&time[1][6]=".$found[8]."&time[1][7]=".$found[9]; } elseif (preg_match("/(\\d\\d)\\/(\\d\\d)\\/(\\d\\d\\d\\d)/", $label_lst[$i], $found)) { //$time_str = "&time[0][1]=%3E%3D&time[0][2]=".$found[2]."&time[0][3]=".$found[1]."&time[0][4]=".$found[3]."&time[1][0]=&time[1][1]=%3E%3D&time[1][2]=".$found[2]."&time[1][3]=".$found[1]."&time[1][4]=".$found[3]; } elseif (preg_match("/(\\d\\d)\\/(\\d\\d\\d\\d)/", $label_lst[$i], $found)) { //$time_str = "&time[0][1]=%3E%3D&time[0][2]=".$found[1]."&time[0][3]=&time[0][4]=".$found[2]."&time[1][0]=&time[1][1]=%3E%3D&time[1][2]=".$found[1]."&time[1][3]=&time[1][4]=".$found[2]; } echo '<A HREF="' . $value_POST_lst[$i] . $time_str . '">' . $label_lst[$i] . '</A>'; } echo '</TD> <TD ALIGN=CENTER>' . Util::number_format_locale((int) $value_lst[$i], 0) . '</TD> <TD><TABLE WIDTH="100%"> <TR> <TD BGCOLOR="' . $entry_color . '" WIDTH="' . $entry_width . '%"> </TD> <TD></TD> </TR> </TABLE> </TD> </TR>'; } echo '<TR><TD CLASS="total"> </TD> <TD CLASS="total">' . Util::number_format_locale((int) $total, 0) . '</TD> <TD CLASS="total"> </TD></TR> </TABLE>'; }
function format_notif_number($number) { $formated = array(); $formated['number'] = $number; $formated['text'] = Util::number_format_locale($number); $formated['readable'] = Util::number_format_readable($number); return $formated; }
$url_criteria = BuildSrcIPFormVars($currentIP); } } else { if ($addr_type == 2) { if ($no_ip) { $url_criteria = BuildDstIpFormVars(NULL_IP); } else { $url_criteria = BuildDstIPFormVars($currentIP); } } } $sens = Session::show_entities() && !empty($entities[$ctx]) ? $entities[$ctx] : (Session::show_entities() ? _("Unknown") : GetSensorName($ctx, $db)); qroPrintEntry($sens, "center", "middle"); qroPrintEntry('<A HREF="' . $tmp_iplookup . $url_criteria . '">' . Util::number_format_locale($num_events, 0) . '</A>', "center", "middle"); qroPrintEntry('<A HREF="' . $tmp_iplookup2 . $url_criteria . '">' . Util::number_format_locale($num_sig, 0) . '</A>', "center", "middle"); qroPrintEntry(Util::number_format_locale($num_ip, 0), "center", "middle"); if (file_exists("../kml/GoogleEarth.php") && $currentIP != "0.0.0.0" && $currentIP != "::") { qroPrintEntry("<a href='' onclick='window.open(\"../kml/TourConfig.php?type={$addr_type_name}&ip={$currentIP}\",\"IP {$currentIP} " . ($addr_type == 2 ? _("sources") : _("destinations")) . " - Goggle Earth API\",\"width=1024,height=700,scrollbars=NO,toolbar=1\");return false'><img align='absmiddle' title='" . _("Geolocation Tour") . "' src='../pixmaps/google_earth_icon.png' border='0'></a> <a href='' onclick='window.open(\"../kml/IPGoogleMap.php?type={$addr_type_name}&ip={$currentIP}\",\"IP {$currentIP} " . ($addr_type == 2 ? _("sources") : _("destinations")) . " - Goggle Maps API\",\"width=1024,height=700,scrollbars=NO,toolbar=1\");return false'><img title='" . _("Geolocation Map") . "' align='absmiddle' src='../pixmaps/google_maps_icon.png' border='0'></a>"); } else { qroPrintEntry(''); } qroPrintEntryFooter(); ++$i; // report_data $report_data[] = array($currentIP, '', $num_sig, $num_ip, "", "", "", "", "", "", $sens, intval($_GET['addr_type']), 0, $num_events, $country_img); } $result->baseFreeRows(); $dbo->close($_conn); $qro->PrintFooter(); $qs->PrintBrowseButtons(); $qs->PrintAlertActionButtons();
function PrintEstimatedResultCnt($displaying = "") { global $show_rows, $db; echo "<table class='container' style='height:30px'><tr><td>"; if ($displaying == "") { $displaying = gettext("Displaying %d to %d of <span id='eventselected'>%s</span> events."); } if ($this->num_result_rows != 0) { if ($this->isCannedQuery()) { echo "<div class='siem_display_msg' style='text-align:left;margin:auto;padding:3px 0px'>" . gettext("Displaying") . " " . $this->GetCurrentCannedQueryDesc() . "</div>"; } else { // Total rows if (Session::am_i_admin()) { $rt = $db->baseExecute("SELECT sum(cnt) from ac_acid_event"); // from ac_ table => faster way if ($rt) { $rows = $rt->baseFetchRow(); $this->num_acid_event_rows = $rows[0]; } $rt->baseFreeRows(); } $from = $this->current_view * $show_rows + 1; $to = $this->current_view * $show_rows + $show_rows - 1 < $this->num_result_rows ? $this->current_view * $show_rows + $show_rows : $this->num_result_rows; $rows = $this->num_query_rows <= $show_rows && $this->current_view == 0 ? $this->num_query_rows : ($to > $from + $this->num_query_rows ? $from + $this->num_query_rows - 1 : $to); printf("<div class='siem_display_msg' style='text-align:left;float:left;margin:auto;padding:4px 0px'>" . $displaying . "</div>\n", $from, $rows, $this->EstimateNumber($this->num_result_rows, $this->num_query_rows, $show_rows, $rows)); if (Session::am_i_admin()) { $pinfo = "PG:" . $this->current_view . ",RR:" . $this->num_result_rows . ",QR:" . $this->num_query_rows . ",SR:" . $show_rows; printf("<div class='siem_display_msg' style='float:right;margin:auto;padding:4px 0px'>" . gettext(" <b>%s</b> total events in database.") . "</div>\n", Util::number_format_locale($this->num_acid_event_rows, 0)); } } } else { printf("<B>" . _("No events matching your search criteria have been found. Try fewer conditions.") . "</B> <a style='color:white' href='base_qry_main.php?clear_allcriteria=1&num_result_rows=-1&submit=Query+DB¤t_view=-1&sort_order=time_d'>[..." . _("Clear All Criteria") . "...]</a>\n"); // Disable buttons echo '<script>$("#actions_link").prop("disabled",true);</script>'; } echo "</td></tr></table>"; }
if ($launch_status > 0) { $response['status'] = 'success'; $response['message'] = _('The backup process is purging events...'); } else { $response['status'] = 'error'; $response['message'] = _('Sorry, operation was not completed due to an error when purging events'); } } else { $response['status'] = 'error'; $response['message'] = _('Please, select the dates you want to purge'); } break; // Ajax status interval check // Ajax status interval check case 'status': $db = new ossim_db(); $conn = $db->connect(); list($is_running, $mode, $progress) = Backup::is_running($conn); $db->close(); if ($is_running > 0) { $response['status'] = 'success'; $response['message'] = $mode == 'insert' ? _('The backup process is inserting events...') : _('The backup process is purging events...'); $response['progress'] = Util::number_format_locale($progress); } elseif ($is_running < 0) { $response['message'] = _('Bad response from frameworkd. Please, check the logs for more info'); $response['status'] = 'error'; } break; } } echo json_encode($response);
function PrintResultCnt($sqlgraph = "", $tr = array(), $displaying = "") { global $show_rows, $db; if ($displaying == "") { $displaying = gettext("Displaying events %d-%d of <b>%s</b> matching your selection."); if (Session::am_i_admin()) { $displaying .= gettext(" <b>%s</b> total events in database."); } } if ($this->num_result_rows != 0) { if ($this->isCannedQuery()) { echo "<div style='text-align:left;margin:auto'>" . gettext("Displaying") . " " . $this->GetCurrentCannedQueryDesc() . "</div>"; } else { // Total rows $rt = $db->baseExecute("SELECT count(*) from acid_event"); if ($rt) { $rows = $rt->baseFetchRow(); $this->num_acid_event_rows = $rows[0]; } $rt->baseFreeRows(); // printf("<div style='text-align:left;margin:auto'><table><tr><td><img src='../pixmaps/arrow_green.gif'></td><td>" . $displaying . "</td>\n", $this->current_view * $show_rows + 1, $this->current_view * $show_rows + $show_rows - 1 < $this->num_result_rows ? $this->current_view * $show_rows + $show_rows : $this->num_result_rows, Util::number_format_locale($this->num_result_rows, 0), Util::number_format_locale($this->num_acid_event_rows, 0)); if ($sqlgraph != "") { global $db, $graph_report_type; list($x, $y, $xticks, $xlabels) = range_graphic($tr); //echo "SQLG:$sqlgraph -->"; $res = $this->ExecuteOutputQueryNoCanned($sqlgraph, $db); //echo " COUNT:".$res->baseRecordCount()."<br>"; while ($rowgr = $res->baseFetchRow()) { //print_r($rowgr); $label = trim($rowgr[1] . " " . $rowgr[2]); if (isset($y[$label]) && $y[$label] == 0) { $y[$label] = $rowgr[0]; } //echo "$label = $rowgr[0] <br>"; } // Report data $gdata = array(); foreach ($y as $label => $val) { $gdata[] = array($label, "", "", "", "", "", "", "", "", "", "", $val, 0, 0); } $this->SaveReportData($gdata, $graph_report_type); //print_r($xlabels); //print_r($xticks); //print_r ($x); //print_r ($y); $plot = plot_graphic("plotareaglobal", 50, 400, $x, $y, $xticks, $xlabels, true); //echo "PLOT:".Util::htmlentities($plot)."."; echo "<td class=axis>{$plot}</td>"; } echo "</tr></table></div>\n"; } } else { printf("<P style='color:#22971F'><B>" . _("No events matching your search criteria have been found. Try fewer conditions.") . "</B> <a href='base_qry_main.php?clear_allcriteria=1&num_result_rows=-1&submit=Query+DB¤t_view=-1&sort_order=time_d'>[..." . _("Clear All Criteria") . "...]</a><P>\n"); } }
<?php $cou = array_splice($cou, 0, 10); foreach ($cou as $c => $value) { $info = explode(";", $c); $flag = ''; if ($info[1] != '') { $flag = "<img src='../pixmaps/" . ($info[1] == "1x1" ? "" : "flags/") . strtolower($info[1]) . ".png' border='0' width='16' height='11' title='" . $info[0] . "'> "; } ?> <tr> <td class="gr"><?php echo $flag . $info[0]; ?> </td> <td class="grb"><?php echo Util::number_format_locale($value, 0); ?> </td> </tr> <?php } ?> </table> <?php } else { ?> <div class="gray center" style="padding-top: 100px;"><?php echo _("No data available"); ?> </div>
/* Check for a NULL IP which indicates an event (e.g. portscan) * which has no IP */ qroPrintEntry(BuildIDMLink($currentIP, $addr_type) . $currentIP . '</A> ', 'center', '', 'nowrap'); /* Print # of Occurances */ $tmp_iplookup = 'base_qry_main.php?num_result_rows=-1' . '&submit=' . gettext("Query DB") . '¤t_view=-1'; $tmp_iplookup2 = 'base_stat_alerts.php?num_result_rows=-1' . '&submit=' . gettext("Query DB") . '¤t_view=-1&sort_order=occur_d'; $url_criteria = BuildIDMVars($currentIP, $addr_type); $url_criteria_src = BuildIDMVars($currentIP, $addr_type, "src"); $url_criteria_dst = BuildIDMVars($currentIP, $addr_type, "dst"); qroPrintEntry(Session::show_entities() && !empty($entities[$ctx]) ? $entities[$ctx] : (Session::show_entities() ? _("Unknown") : GetSensorName($ctx, $db)), 'center', 'middle'); qroPrintEntry('<A HREF="' . $tmp_iplookup . $url_criteria . '">' . Util::number_format_locale($num_events, 0) . '</A>', 'center', 'middle'); qroPrintEntry('<A HREF="' . $tmp_iplookup2 . $url_criteria_src . '">' . Util::number_format_locale($num_sig_src, 0) . '</A>', 'center', 'middle'); qroPrintEntry('<A HREF="' . $tmp_iplookup2 . $url_criteria_dst . '">' . Util::number_format_locale($num_sig_dst, 0) . '</A>', 'center', 'middle'); qroPrintEntry(Util::number_format_locale($num_sip, 0), 'center', 'middle'); qroPrintEntry(Util::number_format_locale($num_dip, 0), 'center', 'middle'); qroPrintEntryFooter(); ++$i; } $result->baseFreeRows(); $qro->PrintFooter(); $qs->PrintBrowseButtons(); $qs->PrintAlertActionButtons(); $qs->SaveState(); ExportHTTPVar("addr_type", $addr_type); echo "\n</FORM><br>\n"; $et->Mark("Get Query Elements"); $et->PrintTiming(); PrintBASESubFooter(); $db->baseClose(); echo "</body>\r\n</html>";
$data['events'], $data['srcnum'], $data['dstnum'], $data['flagr'] ); } if ($country_uhn['Unknown']>0 && count($countries)>0) { $country = _("Unresolved Country or Local IPs"); ?> <tr> <td style="padding:7px;text-align:left"><?=$country?></td> <td align="center"><?=Util::number_format_locale($country_uhn['Unknown'],0)?></td> <td align="center"> <? if ($country_uhn['srcnum']>0) { ?><?=Util::number_format_locale($country_uhn['srcnum'],0)?> <? } else echo "0" ?> </td> <td align="center"> <? if ($country_uhn['dstnum']>0) { ?><?=Util::number_format_locale($country_uhn['dstnum'],0)?> <? } else echo "0" ?> </td> <td></td> </TR> </TABLE> </TD> </tr> <? $report_data[] = array ( $country, "", "", "", "", "", "", "", "", "", "", $country_uhn['Unknown'], $country_uhn['srcnum'], $country_uhn['dstnum'], "" ); } echo '</TABLE>';
$i = 0; foreach ($event_pulses as $pulse_id => $otx_data) { if ($max_cnt == 1 && $otx_data['events'] > 0) $max_cnt = $otx_data['events']; $entry_width = round($otx_data['events'] / $max_cnt * 100); $otx_link = str_replace('__PULSEID__',urlencode(strtolower($pulse_id)),$otx_pulse_url); $link = "base_qry_main.php?new=1&submit=" . gettext("Query DB") . "&num_result_rows=-1&otx%5B0%5D=" . urlencode($pulse_id); ?> <tr> <td style="padding:7px;text-align:left;font-size:10px"> <a class="pulse_link" href="<?=$otx_link?>" target="_blank"><?=$otx_data["name"]?></a> </td> <td align="center"> <a href="<?=$link?>"><?=Util::number_format_locale($otx_data['events'],0)?></a> </td> <td align="center"><?=Util::number_format_locale($otx_data['iocs'],0)?></td> <TD width="30%"><TABLE class="transparent bar" cellpadding="0" cellspacing="0" WIDTH="100%"> <TR> <TD style="background-color:#84C973;width:<?php echo ($entry_width > 0) ? $entry_width."%" : "1px" ?>"><img src="../pixmaps/1x1.png"/></TD> <TD> </TD> </TR> </TABLE> </TD> </tr> <? $i++; /* report_data $report_data[] = array ( $country, '', "$entry_width", "", "", "", "", "", "", "", "",
if ($gt == "day") { if ($a == 4) { foreach ($days as $k => $v) { $general[$a][$i++] = $v; } } else { $general[$a][$i++] = ""; } } } //print_r($general); $generalV = $general; foreach ($generalV as $k => $v) { foreach ($v as $k1 => $v1) { if ($v1 > 0) { $generalV[$k][$k1] = Util::number_format_locale($v1, 0); } } } $chart['chart_data'] = $general; $chart['chart_value_text'] = $generalV; } if ($gt == "all" || $gt != "month" && $gt != "year" && $gt != "day" && $gt != "last_year" && $gt != "last_month" && $gt != "last_week") { $a = 1; } elseif ($gt == "year" || $gt == "last_year") { $a = 2; } elseif ($gt == "month" || $gt == "last_month" || $gt == "last_week") { $a = 3; } elseif ($gt == "day") { $a = 4; }
<!-- AVAILABILITY --> <tr bgcolor="#E1EFE0"> <td class="bartitle"><?php echo _("Availability Events"); ?> </td> <td width="50"> <table class="noborder" cellpadding="0" cellspacing="0"> <tr> <td class="theme_i"></td> <td class="theme_b"><a href="../forensics/base_qry_main.php?clear_allcriteria=1&num_result_rows=-1&submit=Query+DB¤t_view=-1&sort_order=time_d&ip=<?php echo urlencode($host); ?> &date_range=All" class="whitepn"><?php echo Util::number_format_locale((int) $ava_foundrows, 0); ?> </a></td> <td class="theme_d"></td> </tr> </table> </td> <td class="blackp" style="font-size:8px;border:0px" align="center" nowrap='nowrap'><?php echo $ava_date; ?> </td> <td class="blackp" nowrap='nowrap' style="text-align:right"><?php echo _("High Prio"); ?> :</td>
echo "points{$i}.push(" . $p["num_events"] . ");\n"; } ?> $('#events<?php echo $i; ?> ').sparkline(points<?php echo $i; ?> , { width:points<?php echo $i; ?> .length*4 }); </script> <b><?php echo Util::number_format_locale($arr["sig_cnt"], 0) . ' (' . $arr["perc"] . '%)'; ?> </b> </td> </tr> <?php } ?> </table> </td></tr> </table> </td> </tr>
function home() { global $dbconn, $start_date, $end_date, $kw, $scve, $risk; $dbconn->SetFetchMode(ADODB_FETCH_BOTH); $resultcve = $dbconn->GetArray("select id, cve_id from vuln_nessus_plugins"); foreach ($resultcve as $cve) { $c = explode(",", $cve['cve_id']); foreach ($c as $value) { $value = trim($value); if ($value != "") { $tmp = substr($value, 0, 8); $tmp = preg_replace("/cve\\s+/i", "CVE-", $tmp); //ENG-95985 Fix openvas bug with cve typo if (strcasecmp($tmp, 'cve-2104') == 0) { continue; } $cves[$tmp] = $i; $i++; } } } if (is_array($cves)) { ksort($cves); } echo "<table class='transparent w100'><tr><td class=\"sec_title\">" . _("Threats Filter") . "</td></tr></table>"; echo ' <form method="POST" action="threats-db.php"> <input type="hidden" name="disp" value="search"> <table class="w100 nobborder transparent"> <tr> <td colspan="7" class="transparent" style="padding: 0px;"> <table class="transparent nobborder" cellpadding="0" cellspacing="0" width="100%" align="center"> <tr> <th class="">' . _("Date Range") . '</th> <th class="">' . _("Keywords") . '</th> <th class="">' . _("CVE Id") . '</th> <th class="">' . _("Risk Factor") . '</th> </tr> <tr> <td style="text-align:center;" class="nobborder">'; echo "\n <div class='datepicker_range' style='width:180px;margin:0px auto;padding-left:20px;'>\n <div class='calendar_from'>\n <div class='calendar'>\n <input name='start_date' id='date_from' class='date_filter' type='input' value='{$start_date}'>\n </div>\n </div>\n <div class='calendar_separator'>\n -\n </div>\n <div class='calendar_to'>\n <div class='calendar'>\n <input name='end_date' id='date_to' class='date_filter' type='input' value='{$end_date}'>\n </div>\n </div>\n </div>"; echo <<<EOT </td> <td style="padding: 0 30px 0 30px;text-align:center;" class="nobborder"> EOT; echo <<<EOT <input type="text" name="kw" size="20" value="{$kw}"/> </td> EOT; echo "<td style=\"padding: 0 30px 0 30px;text-align:center;\" class=\"nobborder\" nowrap>"; echo "<select name=\"cve\" size=\"1\">"; echo " <option value=\"\"></option>"; foreach ($cves as $key => $value) { echo " <option value='{$key}' " . ($key == $scve ? "selected='selected'" : "") . ">{$key}</option>"; } echo "</select>"; echo "</td>"; echo <<<EOT <td style="padding: 0 30px 0 30px;text-align:center;" class="nobborder" nowrap> EOT; echo <<<EOT <select name="risk" size="1"> EOT; echo "<option value=\"\"></option>"; echo "<option value=\"7\" " . ($risk == 7 ? "selected='selected'" : "") . ">" . _("Info") . "</option>"; echo "<option value=\"6\" " . ($risk == 6 ? "selected='selected'" : "") . ">" . _("Low") . "</option>"; echo "<option value=\"3\" " . ($risk == 3 ? "selected='selected'" : "") . ">" . _("Medium") . "</option>"; echo "<option value=\"2\" " . ($risk == 2 ? "selected='selected'" : "") . ">" . _("High") . "</option>"; echo "<option value=\"1\" " . ($risk == 1 ? "selected='selected'" : "") . ">" . _("Serious") . "</option>"; echo <<<EOT </select> </td> </tr> </table> </td> </tr> </table> EOT; echo "<div class=\"transparent center w100 p_bottom\"><input type=\"submit\" value=\"" . _("Search") . "\" class=\"av_b_main\" /></div>"; echo <<<EOT <table class="table_list"><tr> EOT; echo "<th sort:format=\"str\" style=\"text-align: left;width:30%\">" . _("Threat Family") . "</th>"; echo "<th sort:format=\"int\" style=\"width:10%\" class=\"risk7\">" . _("Info") . "-7</th>"; echo "<th sort:format=\"int\" style=\"width:10%\" class=\"risk6\">" . _("Low") . "-6</th>"; echo "<th sort:format=\"int\" style=\"width:10%\" class=\"risk3\">" . _("Medium") . "-3</th>"; echo "<th sort:format=\"int\" style=\"width:10%\" class=\"risk2\">" . _("High") . "-2</th>"; echo "<th sort:format=\"int\" style=\"width:10%\" class=\"risk1\">" . _("Serious") . "-1</th>"; echo "<th sort:format=\"int\" style=\"width:20%\">" . _("Total") . "</th>"; echo <<<EOT </tr> EOT; $query = "SELECT t2.id, t2.name, count( t1.risk = '1'OR NULL ) AS Urgent, \n count( t1.risk = '2' OR NULL ) AS Critical, count( t1.risk = '3' OR NULL ) AS High, \n count( t1.risk = '6' OR NULL ) AS MEDIUM , count( t1.risk = '7'OR NULL ) AS Low, \n count( t1.risk ) AS Total \n FROM vuln_nessus_plugins t1\n LEFT JOIN vuln_nessus_family t2 ON t1.family = t2.id\n GROUP BY t1.family"; $result = $dbconn->execute($query); $http_base = "threats-db.php?disp=search"; $color = 0; while (!$result->EOF) { list($fam_id, $fam_name, $fam_urg, $fam_ser, $fam_high, $fam_med, $fam_low, $fam_total) = $result->fields; echo "<tr bgcolor=" . ($color % 2 == 0 ? "#EEEEEE" : "#FFFFFF") . "><td style=\"text-align: left;padding:3px;\">{$fam_name}</td>\n <td align=\"center\">" . ($fam_low == 0 ? "0" : "<a href=\"{$http_base}&family={$fam_id}&risk=7\" >" . Util::number_format_locale((int) $fam_low, 0) . "</a>") . "</td>\n <td align=\"center\">" . ($fam_med == 0 ? "0" : "<a href=\"{$http_base}&family={$fam_id}&risk=6\" >" . Util::number_format_locale((int) $fam_med, 0) . "</a>") . "</td>\n <td align=\"center\">" . ($fam_high == 0 ? "0" : "<a href=\"{$http_base}&family={$fam_id}&risk=3\" >" . Util::number_format_locale((int) $fam_high, 0) . "</a>") . "</td>\n <td align=\"center\">" . ($fam_ser == 0 ? "0" : "<a href=\"{$http_base}&family={$fam_id}&risk=2\" >" . Util::number_format_locale((int) $fam_ser, 0) . "</a>") . "</td>\n <td align=\"center\">" . ($fam_urg == 0 ? "0" : "<a href=\"{$http_base}&family={$fam_id}&risk=1\" >" . Util::number_format_locale((int) $fam_urg, 0) . "</a>") . "</td>\n <td align=\"center\">" . ($fam_total == 0 ? "0" : "<a href=\"{$http_base}&family={$fam_id}\" >" . Util::number_format_locale((int) $fam_total, 0) . "</a>") . "</td>\n </tr>"; $result->MoveNext(); $color++; } $query = "SELECT count( risk = '1' OR NULL ) AS Urgent, \n count( risk = '2' OR NULL ) AS Critical, count( risk = '3' OR NULL ) AS High, \n count( risk = '6' OR NULL ) AS MEDIUM , count( risk = '7'OR NULL ) AS Low, \n count( risk ) AS Total \n FROM vuln_nessus_plugins t1"; $result = $dbconn->execute($query); list($fam_urg, $fam_ser, $fam_high, $fam_med, $fam_low, $fam_total) = $result->fields; echo "<tr class=\"even\"><td class='noborder' style=\"text-align: left;padding:3px;\">" . _("Total") . "</td>\n <td class='noborder' align=\"center\">" . ($fam_low == 0 ? "0" : "<a href=\"{$http_base}&risk=7\" >" . Util::number_format_locale((int) $fam_low, 0) . "</a>") . "</td>\n <td class='noborder' align=\"center\">" . ($fam_med == 0 ? "0" : "<a href=\"{$http_base}&risk=6\" >" . Util::number_format_locale((int) $fam_med, 0) . "</a>") . "</td>\n <td class='noborder' align=\"center\">" . ($fam_high == 0 ? "0" : "<a href=\"{$http_base}&risk=3\" >" . Util::number_format_locale((int) $fam_high, 0) . "</a>") . "</td>\n <td class='noborder' align=\"center\">" . ($fam_ser == 0 ? "0" : "<a href=\"{$http_base}&risk=2\" >" . Util::number_format_locale((int) $fam_ser, 0) . "</a>") . "</td>\n <td class='noborder' align=\"center\">" . ($fam_urg == 0 ? "0" : "<a href=\"{$http_base}&risk=1\" >" . Util::number_format_locale((int) $fam_urg, 0) . "</a>") . "</td>\n <td class='noborder' align=\"center\">" . ($fam_total == 0 ? "0" : "<a href=\"{$http_base}&family=All&risk=All\" >" . Util::number_format_locale((int) $fam_total, 0) . "</a>") . "</td>\n </tr></table>"; }
qroPrintEntry('<img src="images/dash.png" border="0">'); qroPrintEntry($div2 . $d_country_img . BuildAddressLink($ip_dip, 32) . $ip_dip . '</A>' . $bdiv2, "", "", "nowrap"); if ($fqdn == "yes") { qroPrintEntry('<FONT>' . $dip_fqdn . '</FONT>'); } $p_name = Protocol::get_protocol_by_number($proto, TRUE); if (FALSE === $p_name) { $p_name = _('UNKNOWN'); } qroPrintEntry('<FONT>' . $p_name . '</FONT>'); $tmp = '<A HREF="base_stat_ports.php?port_type=2&proto=' . $proto . $tmp_ip_criteria . '">'; qroPrintEntry($tmp . Util::number_format_locale($num_unique_dport, 0) . '</A>'); $tmp = '<A HREF="base_stat_alerts.php?foo=1' . $tmp_ip_criteria . '">'; qroPrintEntry($tmp . Util::number_format_locale($num_unique, 0) . '</A>'); $tmp = '<A HREF="base_qry_main.php?new=1' . '&num_result_rows=-1' . '&submit=' . gettext("Query DB") . '&current_view=-1' . $tmp_ip_criteria . '">'; qroPrintEntry($tmp . Util::number_format_locale($num_occurances, 0) . '</A>'); qroPrintEntryFooter(); } $i++; // report_data $p_name = Protocol::get_protocol_by_number($proto, TRUE); if (FALSE === $p_name) { $p_name = ''; } $report_data[] = array($ip_sip, '', $ip_dip, '', $p_name, "", "", "", "", "", "", $num_unique_dport, $num_unique, $num_occurances, $s_country_img != '' || $d_country_img != '' ? $s_country_img . "####" . $d_country_img : ''); } $result->baseFreeRows(); $dbo->close($_conn); $qro->PrintFooter(); $qs->PrintBrowseButtons(); $qs->PrintAlertActionButtons();
include '../draw/table.php'; break; } break; //Gauge //Gauge case 'gauge': $data = $data[0]; $v = ($max - $min) / 5; // Value in chart is 0-100 ranged, perhaps 5 must be 50 for the graph if ($max == 10) { $data_angle = $data * 10; } else { $data_angle = $data; } include '../draw/gauge.php'; break; //If the widget is a tag cloud... //If the widget is a tag cloud... case 'tag_cloud': $cloud = array(); $type = $chart_info['type']; for ($i = 0; $i < count($data); $i++) { $cloud[$i]['object'] = $label[$i]; $cloud[$i]['num'] = $data[$i]; $cloud[$i]['title'] = $label[$i] . ' ' . _("returned a count of") . ' ' . Util::number_format_locale($data[$i]); $cloud[$i]['url'] = $links[$label[$i]]; } include '../draw/tag_cloud.php'; break; }
for ($i = 0; $i < count($data); $i++) { ?> <tr> <td class='left'> <a href='javascript:;' onclick='click_handler("<?php echo $links[$i]; ?> ");'> <?php echo $label[$i]; ?> </a> </td> <td class='center'> <b><?php echo Util::number_format_locale($data[$i]); ?> </b> </td> </tr> <?php } } else { ?> <tr> <td class="center nobborder" style="font-family:arial;font-size:12px;background-color:white;padding-top:40px"> <?php echo $nodata_text; ?> </td> </tr>
echo $s_alarm_link; ?> " class="greybox2" title="<?php echo _("Alarm detail"); ?> "><?php echo $s_alarm_name . $events_count; ?> </a> <?php echo $tooltip; ?> </td> <td class="nobborder center"> <?php echo Util::number_format_locale($event_ocurrences, 0); ?> </td> <?php echo $risk_field; if (Session::is_pro() && $mssp) { ?> <!-- entity --> <td class="nobborder" style="text-align:center;"> <?php foreach ($ctxs as $_ctx) { if (count($ctxs) < 2 || $entity_types[$_ctx] != 'engine') { echo (!empty($entities[$_ctx]) ? $entities[$_ctx] : _("Unknown")) . "<br/>"; } }
$cmd .= " '{$debuglog}'"; fputs($handle, "WCL.php: {$cmd}\n"); fclose($handle); } $fp = popen("{$cmd} 2>/dev/null", "r"); while (!feof($fp)) { $line = trim(fgets($fp)); if ($line != "") { $result[] = $line; } } fclose($fp); $ok = 0; $i = 0; foreach ($result as $line) { if (trim($line) != "") { if ($ips != "") { $current_server = $ip_to_name[$ips_arr[$i]]; echo "<table class='transparent' align='center'><tr><td style='padding-left:5px;padding-right:5px;border-radius:5px;-moz-border-radius:5px;-webkit-border-radius:5px;border:0px;background-color:#" . $_SESSION['logger_colors'][$current_server]['bcolor'] . ";color:#" . $_SESSION['logger_colors'][$current_server]['fcolor'] . "'>{$current_server}</td><td class='nobborder' nowrap style='padding-left:5px'>" . "<b>" . Util::number_format_locale($line, 0) . "</b> " . _("logs") . "</td></tr></table>"; $ok = 1; $i++; } else { echo _("About") . " <b>" . Util::number_format_locale($line, 0) . "</b> " . _("logs") . "\n"; $ok = 1; break; } } } if (!$ok) { echo _("About") . " <b>0</b> " . _("logs") . "\n"; }
$antes = ""; $despues = $signame; } qroPrintEntry("{$antes} <a href='{$siglink}' class='qlink'>" . trim($despues) . "</a>", "left", "", "style='vertical-align:middle'"); //qroPrintEntry(BuildSigByID($sig_id, $db),"left","middle"); $ocurrlink = 'base_qry_main.php?new=1&sig%5B0%5D=%3D&sig%5B1%5D=' . urlencode($sig_id) . '&sig_type=1' . '&submit=' . gettext("Query DB") . '&num_result_rows=-1'; //$perc = (($avoid_counts != 1) ? (' (' . (round($total_occurances / $event_cnt * 100)) . '%)') : ('')); $pid = $myrow["plugin_id"] . "-" . $myrow["plugin_sid"]; qroPrintEntry('<A HREF="' . $ocurrlink . '" id="occur' . $pid . '" class="qlink">' . Util::number_format_locale($total_occurances, 0) . '</A>' . $perc, 'center', 'middle', 'nowrap'); if ($db->baseGetDBversion() >= 100) { $addr_link = '&sig_type=1&sig%5B0%5D=%3D&sig%5B1%5D=' . urlencode($sig_id); } else { $addr_link = '&sig%5B0%5D=%3D&sig%5B1%5D=' . urlencode($sigstr); } qroPrintEntry(BuildUniqueAddressLink(1, $addr_link, '', 'qlink') . Util::number_format_locale($num_src_ip, 0) . '</A>', 'center', 'middle', 'nowrap'); qroPrintEntry(BuildUniqueAddressLink(2, $addr_link, '', 'qlink') . Util::number_format_locale($num_dst_ip, 0) . '</A>', 'center', 'middle', 'nowrap'); qroPrintEntry('<div id="le' . $pid . '" style="padding:0px 4px"></div>', 'center', 'middle', 'nowrap'); // GRAPH qroPrintEntry('<div id="plotarea' . $pid . '" class="plot"></div>', 'center', 'middle'); qroPrintEntryFooter(); $i++; $prev_time = null; // report_data $report_data[] = array(trim(html_entity_decode($despues)), html_entity_decode($total_occurances . $perc), "", "", "", "", "", "", "", "", "", 0, $num_src_ip, $num_dst_ip); } $result->baseFreeRows(); $qro->PrintFooter(); $qs->PrintBrowseButtons(); $qs->PrintAlertActionButtons(); $qs->SaveReportData($report_data, $unique_events_report_type); $qs->SaveState();
function modify_scan_networks($conn, $wizard, $data) { $step = intval($wizard->get_step_data('scan_step')); if ($step == 1 || $step == 2) { $response['error'] = TRUE; $response['msg'] = _('There is a Asset scan running, you have to wait until it completes.'); return $response; } $ids = array_keys($data['nets']); ossim_valid($ids, OSS_HEX, 'illegal:' . _("Network ID")); if (ossim_error()) { $response['error'] = TRUE; $response['msg'] = ossim_get_error(); ossim_clean_error(); return $response; } $nets = array(); $ip_count = 0; foreach ($ids as $id) { $cidrs = Asset_net::get_ips_by_id($conn, $id); $cidrs = preg_replace('/\\s*,\\s*/', ' ', $cidrs); $nets[$id] = trim($cidrs); $cidr_list = explode(' ', $cidrs); foreach ($cidr_list as $cidr) { list($dir, $mask) = explode('/', $cidr); if ($mask > 0 && $mask <= 32) { $ip_count += 1 << 32 - $mask; } } } $wizard->clean_step_data(); $wizard->set_step_data('scan_step', 0); $wizard->set_step_data('scan_nets', $nets); $wizard->set_step_data('scan_ips_count', $ip_count); $wizard->save_status(); $response['error'] = FALSE; $response['data']['total'] = Util::number_format_locale($ip_count); return $response; }
?> </a></td> <?php } else { echo "0"; } ?> <td align="center"> <?php if ($country_uhn['dstnum'] > 0) { ?> <a href="base_stat_country_alerts.php?cc=unknown&location=dstaddress&query=<?php echo urlencode(base64_encode($sql)); ?> "><?php echo Util::number_format_locale($country_uhn['dstnum'], 0); ?> </a> <?php } else { echo "0"; } ?> </td> </TR> </TABLE> </TD> </tr> <?php $report_data[] = array($country, "", "", "", "", "", "", "", "", "", "", $country_uhn['Unknown'], $country_uhn['srcnum'] + $country_uhn['dstnum'], 0); }
<tr> <td bgcolor="<?php echo $color; ?> "><a href="../forensics/base_qry_alert.php?submit=<?php echo rawurlencode($tmp_rowid); ?> " style="text-align:left;color: #17457c;font-size:10px"><strong><?php echo $ev['sig_name']; ?> </strong></a></td> <td bgcolor="<?php echo $color; ?> "><?php echo Util::number_format_locale($ev['sig_cnt'], 0); ?> </td> <?php if ($network) { ?> <td bgcolor="<?php echo $color; ?> "><?php echo long2ip($ev['ip_s']); ?> </td><?php } ?> <?php
} $hosts_alive = intval($hosts_alive); $scan_locally = intval($scan_locally); $not_resolve = intval($not_resolve); $send_email = intval($send_email); $total_assets = intval($total_assets); $scheduled_status = $_REQUEST['status'] != '' ? intval($_REQUEST['status']) : 1; // enable scheduled jobs by default ossim_valid($action, 'create_scan', 'save_scan', OSS_NULLABLE, 'Illegal:' . _('Action')); if (ossim_error()) { die(_('Invalid Action Parameter')); } $selected = Filter_list::get_total_selection($conn, $type); if ($selected > Filter_list::MAX_VULNS_ITEMS) { $msg = _('Vulnerability scans can only be performed on %s assets at a time. Please select less assets and try again.'); $limit_msg = sprintf($msg, Util::number_format_locale(Filter_list::MAX_VULNS_ITEMS)); } if (!$limit_msg && in_array($action, array('create_scan', 'save_scan'))) { // load the default values for the form if ($action == 'create_scan') { $conf = $GLOBALS['CONF']; $scan_locally = $conf->get_conf('nessus_pre_scan_locally'); $timeout = 28800; $hosts_alive = 1; } $hosts_alive_data = get_host_alive_attributes($hosts_alive, $targets); $scan_locally_checked = $scan_locally == 1 ? 'checked="checked"' : ''; $resolve_names_checked = $not_resolve == 1 ? 'checked="checked"' : ''; $email_notification = array(); $email_notification['no'] = $send_email == 0 ? 'checked="checked"' : ''; $email_notification['yes'] = $send_email == 1 ? 'checked="checked"' : '';
function home() { global $dbconn, $start_date, $end_date, $kw, $scve, $risk; $resultcve = $dbconn->GetArray("select id, cve_id from vuln_nessus_plugins"); foreach ($resultcve as $cve) { $c = explode(",", $cve['cve_id']); foreach ($c as $value) { $value = trim($value); if ($value != "") { $tmp = substr($value, 0, 8); $cves[$tmp] = $i; $i++; } } } if (is_array($cves)) { ksort($cves); } echo "<center><table cellspacing=\"0\" cellpadding=\"0\" border=\"0\" width=\"804\"><tr><td class=\"headerpr\" style=\"border:0;\">" . _("Threats") . "</td></tr></table></center>"; echo <<<EOT <form method="POST" action="threats-db.php"> <input type="hidden" name="disp" value="search"> <center> <table cellpadding="0" cellspacing="2" width="796"> <tr><td class="nobborder"> <table align="center" cellpadding="2" cellspacing="0" width="800" height="40"> <tr> <td style="padding: 0 30px 0 30px;text-align:center;" class="nobborder"> EOT; echo "<div class=\"field\"><b>" . _("Start Date") . "</b></div>"; echo <<<EOT <div id="widget" style="display:inline;"> <a href="javascript:;"><img src="../pixmaps/calendar.png" id='imgcalendar' border="0" align="absmiddle" style="padding:0px 0px 2px 0px" /></a> <div id="widgetCalendar" style="position:absolute;top:11;z-index:10"></div> </div> <input type="text" id="start_date" name="start_date" readonly="readonly" name="start" size="12" value="{$start_date}"/> </td> <td style="padding: 0 30px 0 30px;text-align:center;" class="nobborder"> EOT; echo "<div class=\"field\"><b>" . _("End Date") . "</b></div>"; echo <<<EOT <input type="text" id="end_date" name="end_date" readonly="readonly" size="12" value="{$end_date}"/> </td> <td style="padding: 0 30px 0 30px;text-align:center;" class="nobborder"> EOT; echo "<div class=\"field\"><b>" . _("Keywords") . "</b></div>"; echo <<<EOT <input type="text" name="kw" size="20" value="{$kw}"/> </td> EOT; echo "<td style=\"padding: 0 30px 0 30px;text-align:center;\" class=\"nobborder\" nowrap>"; echo "<div class=\"field\"><b>" . _("CVE Id") . "</b></div>"; echo "<select name=\"cve\" size=\"1\">"; echo " <option value=\"\"></option>"; foreach ($cves as $key => $value) { echo " <option value='{$key}' " . ($key == $scve ? "selected='selected'" : "") . ">{$key}</option>"; } echo "</select>"; echo "</td>"; echo <<<EOT <td style="padding: 0 30px 0 30px;text-align:center;" class="nobborder" nowrap> EOT; echo "<div class=\"field\"><b>" . _("Risk Factor") . "</b></div>"; echo <<<EOT <select name="risk" size="1"> EOT; echo "<option value=\"\"></option>"; echo "<option value=\"1\" " . ($risk == 1 ? "selected='selected'" : "") . ">" . _("Info") . "</option>"; echo "<option value=\"2\" " . ($risk == 2 ? "selected='selected'" : "") . ">" . _("Low") . "</option>"; echo "<option value=\"3\" " . ($risk == 3 ? "selected='selected'" : "") . ">" . _("Medium") . "</option>"; echo "<option value=\"6\" " . ($risk == 6 ? "selected='selected'" : "") . ">" . _("High") . "</option>"; echo "<option value=\"7\" " . ($risk == 7 ? "selected='selected'" : "") . ">" . _("Serious") . "</option>"; echo <<<EOT </select> </td> </tr> </table><br> EOT; echo "<center><input type=\"submit\" value=\"" . _("Search") . "\" class=\"button\" /></center>"; echo <<<EOT </form> <br> <center> <table id="family-table" class="tabular" width="800"> <thead> <tr> EOT; echo "<th sort:format=\"str\" style=\"text-align: left\">" . _("Threat Family") . "</th>"; echo "<th sort:format=\"int\" class=\"risk1\">" . _("Info") . "-1</th>"; echo "<th sort:format=\"int\" class=\"risk2\">" . _("Low") . "-2</th>"; echo "<th sort:format=\"int\" class=\"risk3\">" . _("Medium") . "-3</th>"; echo "<th sort:format=\"int\" class=\"risk6\">" . _("High") . "-6</th>"; echo "<th sort:format=\"int\" class=\"risk7\">" . _("Serious") . "-7</th>"; echo "<th sort:format=\"int\">" . _("Total") . "</th>"; echo <<<EOT </tr> </thead> EOT; $query = "SELECT t2.id, t2.name, count( t1.risk = '1'OR NULL ) AS Urgent, \n count( t1.risk = '2' OR NULL ) AS Critical, count( t1.risk = '3' OR NULL ) AS High, \n count( t1.risk = '6' OR NULL ) AS MEDIUM , count( t1.risk = '7'OR NULL ) AS Low, \n count( t1.risk ) AS Total \n FROM vuln_nessus_plugins t1\n LEFT JOIN vuln_nessus_family t2 ON t1.family = t2.id\n GROUP BY t1.family"; $result = $dbconn->execute($query); $http_base = "threats-db.php?disp=search"; $color = 0; while (!$result->EOF) { list($fam_id, $fam_name, $fam_urg, $fam_ser, $fam_high, $fam_med, $fam_low, $fam_total) = $result->fields; echo "<tr class=\"even\" bgcolor=" . ($color % 2 == 0 ? "#F2F2F2" : "#FFFFFF") . "><td style=\"text-align: left\">{$fam_name}</td>\n <td align=\"center\">" . ($fam_urg == 0 ? "0" : "<a href=\"{$http_base}&family={$fam_id}&risk=1\" >" . Util::number_format_locale((int) $fam_urg, 0) . "</a>") . "</td>\n <td align=\"center\">" . ($fam_ser == 0 ? "0" : "<a href=\"{$http_base}&family={$fam_id}&risk=2\" >" . Util::number_format_locale((int) $fam_ser, 0) . "</a>") . "</td>\n <td align=\"center\">" . ($fam_high == 0 ? "0" : "<a href=\"{$http_base}&family={$fam_id}&risk=3\" >" . Util::number_format_locale((int) $fam_high, 0) . "</a>") . "</td>\n <td align=\"center\">" . ($fam_med == 0 ? "0" : "<a href=\"{$http_base}&family={$fam_id}&risk=6\" >" . Util::number_format_locale((int) $fam_med, 0) . "</a>") . "</td>\n <td align=\"center\">" . ($fam_low == 0 ? "0" : "<a href=\"{$http_base}&family={$fam_id}&risk=7\" >" . Util::number_format_locale((int) $fam_low, 0) . "</a>") . "</td>\n <td align=\"center\">" . ($fam_total == 0 ? "0" : "<a href=\"{$http_base}&family={$fam_id}\" >" . Util::number_format_locale((int) $fam_total, 0) . "</a>") . "</td>\n </tr>"; $result->MoveNext(); $color++; } $query = "SELECT count( risk = '1' OR NULL ) AS Urgent, \n count( risk = '2' OR NULL ) AS Critical, count( risk = '3' OR NULL ) AS High, \n count( risk = '6' OR NULL ) AS MEDIUM , count( risk = '7'OR NULL ) AS Low, \n count( risk ) AS Total \n FROM vuln_nessus_plugins t1"; $result = $dbconn->execute($query); list($fam_urg, $fam_ser, $fam_high, $fam_med, $fam_low, $fam_total) = $result->fields; echo "<tr><td colspan=7 height='20'></td></tr>\n <tr class=\"even\"><td class='noborder' style=\"text-align: left\"> </td>\n <td class='noborder' align=\"center\">" . ($fam_urg == 0 ? "0" : "<a href=\"{$http_base}&risk=1\" >" . Util::number_format_locale((int) $fam_urg, 0) . "</a>") . "</td>\n <td class='noborder' align=\"center\">" . ($fam_ser == 0 ? "0" : "<a href=\"{$http_base}&risk=2\" >" . Util::number_format_locale((int) $fam_ser, 0) . "</a>") . "</td>\n <td class='noborder' align=\"center\">" . ($fam_high == 0 ? "0" : "<a href=\"{$http_base}&risk=3\" >" . Util::number_format_locale((int) $fam_high, 0) . "</a>") . "</td>\n <td class='noborder' align=\"center\">" . ($fam_med == 0 ? "0" : "<a href=\"{$http_base}&risk=6\" >" . Util::number_format_locale((int) $fam_med, 0) . "</a>") . "</td>\n <td class='noborder' align=\"center\">" . ($fam_low == 0 ? "0" : "<a href=\"{$http_base}&risk=7\" >" . Util::number_format_locale((int) $fam_low, 0) . "</a>") . "</td>\n <td class='noborder' align=\"center\">" . ($fam_total == 0 ? "0" : "<a href=\"{$http_base}&family=All&risk=All\" >" . Util::number_format_locale((int) $fam_total, 0) . "</a>") . "</td>\n </tr></table></td></tr></table></center></center>"; }