// Closing tokens of a guard that opens above this excerpt.
exit;
}

// Refuse to overwrite a rule file that Ossec::is_editable() does not accept.
if (!Ossec::is_editable($file)) {
    $data['status'] = 'error';
    $data['data'] = _('Error! File not editable');
    echo json_encode($data);
    exit;
}

$_SESSION['_current_file'] = $file;
$lk_name = $_SESSION['lk_name'];

// The submitted document is base64-decoded and then HTML-entity-decoded; from here on
// $new_xml_data is the raw XML text that will be written to the rule file.
// NOTE(review): the origin of $new_xml_data is above this excerpt - presumably a request
// parameter; confirm, and treat the decoded text as untrusted.
$new_xml_data = html_entity_decode(base64_decode($new_xml_data), ENT_QUOTES, 'UTF-8');

// Parse before saving: the file is only written when the parser reports no errors.
$xml_obj = new Xml_parser($lk_name);
$xml_obj->load_string($new_xml_data);

// Loose comparison: any falsy errors['status'] is treated as a parse failure.
if ($xml_obj->errors['status'] == FALSE) {
    $data['status'] = 'error';
    // NOTE(review): the parser messages are concatenated into markup without output encoding.
    // If Xml_parser quotes parts of the submitted XML in errors['msg'], a client that inserts
    // this string into the DOM renders that text as HTML - confirm the messages are encoded
    // by Xml_parser or encode them before building the response.
    $data['data'] = "<div id='parse_errors'>\n <span style='font-weight: bold;'>"
        . _('Data in XML file with wrong format')
        . " <a onclick=\"\$('#msg_errors').toggle();\"> ["
        . _('View errors')
        . "]</a></span>\n <br/><div id='msg_errors'>"
        . implode('', $xml_obj->errors['msg'])
        . "</div>\n </div>";
} else {
    try {
        // Write the rule file for the sensor, then refresh the tree cached in the session.
        Ossec::set_rule_file($sensor_id, $file, $new_xml_data);
        $array_xml = $xml_obj->xml2array();
        $tree_json = Ossec_utilities::array2json($array_xml, $file);
        $_SESSION['_tree_json'] = $tree_json;
        $_SESSION['_tree'] = $array_xml;
        // The file name is interpolated before the gettext lookup, so the message id changes
        // with every file name. The refreshed tree follows the '###' separator, base64-encoded.
        // NOTE(review): $data['status'] is not assigned on this path within the excerpt -
        // presumably initialised above; verify.
        $data['data'] = _("{$file} updated successfully") . '###' . base64_encode($tree_json);
    } catch (Exception $e) {
        // The exception text is returned to the client verbatim.
        $data['status'] = 'error';
        $data['data'] = $e->getMessage();
    }
}

echo json_encode($data);
exit;
// Closing tokens of a switch that opens above this excerpt.
}
break;
}

// Persist the modified tree only if the handlers above did not already flag an error.
if ($data['status'] != 'error') {
    if ($ok === FALSE) {
        // The edit itself failed: report it immediately (this branch echoes its own JSON).
        $data['status'] = 'error';
        $data['data'] = _('Error! XML file not updated (1)');
        echo json_encode($data);
    } else {
        // Serialise the in-memory tree back to XML text.
        $xml = new Xml_parser($lk_name);
        $output = $xml->array2xml($tree);
        $output = Ossec_utilities::formatOutput($output, $lk_name);
        // utf8_decode() converts UTF-8 to ISO-8859-1; characters outside Latin-1 become '?'.
        // The function is deprecated as of PHP 8.2.
        $output = utf8_decode($output);

        try {
            // Write the file, then re-read it so the session cache reflects what was stored.
            Ossec::set_rule_file($sensor_id, $file, $output);
            $tree = Ossec::get_tree($sensor_id, $file);
            $tree_json = Ossec_utilities::array2json($tree, $file);
            $_SESSION['_tree_json'] = $tree_json;
            $_SESSION['_tree'] = $tree;
        } catch (Exception $e) {
            // The exception text is returned to the client verbatim.
            $data['status'] = 'error';
            $data['data'] = $e->getMessage();
        }
    }
}

if ($data['status'] == 'error') {
    // Roll back: copy the backup over the rule file and restore the cached tree from $tree_cp.
    // $path_tmp, $rule_file and $tree_cp are set above this excerpt.
    // NOTE(review): the @ operator hides a failed copy, so a roll-back that does not succeed
    // goes unnoticed here while the session is reset to the old tree - consider checking the
    // return value and logging the failure.
    @copy($path_tmp, $rule_file);
    $_SESSION['_tree'] = $tree_cp;
    $_SESSION['_tree_json'] = Ossec_utilities::array2json($tree_cp, $file);
} else {
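// Closing tokens of the sensor-permission check that opens above this excerpt.
}
$db->close();
}

// Validation or permission failure: answer with the '2###' error prefix and stop.
if (ossim_error()) {
    echo '2###' . _('We found the followings errors') . ": <div style='padding-left: 15px; text-align:left;'>" . ossim_get_error_clean() . '</div>';
    exit;
}

//Current sensor
$_SESSION['ossec_sensor'] = $sensor_id;

// '1###' marks a successful response; the markup that follows is the payload.
echo '1###';

// Build the <option> list of rule files, grouped into editable and read-only files.
// $options_e and $options_ne are appended to, so they are expected to be initialised above.
try {
    $rules = Ossec::get_rule_files($sensor_id, FALSE);

    $options_e .= "<optgroup label='" . _('Editable rule file') . "'>\n";
    $options_ne .= "<optgroup label='" . _('Rules files read-only') . "'>\n";

    foreach ($rules as $rule) {
        // File names come from the sensor's rule listing and are printed inside a
        // single-quoted attribute and as element text, so encode them for HTML first.
        // Names made of letters, digits, '_', '-' and '.' are unchanged by the encoding.
        $rule_html = htmlspecialchars($rule, ENT_QUOTES, 'UTF-8');

        if (Ossec::is_editable($rule)) {
            $options_e .= "<option style='text-align: left;' value='{$rule_html}'>{$rule_html}</option>\n";
        } else {
            $options_ne .= "<option style='text-align: left;' value='{$rule_html}'>{$rule_html}</option>\n";
        }
    }

    $options_e .= "</optgroup>\n";
    $options_ne .= "</optgroup>\n";

    $rule_options = $options_e . "\n" . $options_ne;
} catch (Exception $e) {
    // Any failure while listing the files degrades to a single placeholder option.
    $rule_options = "<option value=''>" . _('No rule files found') . "</option>";
}
?> <div id='tree_container_top'> <select id='rules' name='rules'> <?php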
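*
* You should have received a copy of the GNU General Public License
* along with this package; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
* MA 02110-1301 USA
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/

require_once dirname(__FILE__) . '/../../conf/config.inc';

Session::logcheck('environment-menu', 'EventsHidsConfig');

// Returns, as JSON, the XML text of the node selected by the posted level-key value.
// The node is looked up in the rule tree cached in the session, not re-read from the sensor.

//Get XML node
// NOTE(review): lk_value is taken from the request without an ossim_valid() check; here it is
// only used as a lookup key into the session tree - confirm Ossec::get_child() tolerates
// arbitrary strings.
$lk_value = POST('lk_value');
$lk_name = $_SESSION['lk_name'];
$tree_lr = $_SESSION['_tree'];

$child = Ossec::get_child($tree_lr, $lk_name, $lk_value);

if (!empty($child)) {
    // Build the wrapper only after the lookup succeeded: indexing $child['tree'] on an empty
    // result raises a notice/warning that can end up in front of the JSON body.
    $rule = array(
        '@attributes' => array($lk_name => '1'),
        '0' => array('rule' => $child['tree']),
    );

    $xml_obj = new Xml_parser($lk_name);
    $output = $xml_obj->array2xml($rule);

    $data['status'] = 'success';
    $data['data'] = Ossec_utilities::formatOutput($output, $lk_name);
} else {
    $data['status'] = 'error';
    $data['data'] = _('Error! Information not available');
}

echo json_encode($data);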
// Access check for the HIDS configuration section.
Session::logcheck('environment-menu', 'EventsHidsConfig');

// Working context kept in the session: level-key attribute name and the file being edited.
$lk_name = $_SESSION['lk_name'];
$file = $_SESSION['_current_file'];
$editable = Ossec::is_editable($file);

// The posted node label is split on '</span>' and its first piece becomes the node name.
// NOTE(review): strip_tags() with '<span>' allowed keeps <span> tags including any
// attributes, and the preg_replace() below removes only a bare '<span>'. A span carrying
// attributes therefore survives into $node_name, which is stored in the session and handed
// to the templates - confirm every place that prints it applies HTML encoding.
$node = explode('</span>', strip_tags($_POST['node'], '<span>'));
$node_name = preg_replace('/<span>/', '', $node[0]);
$_SESSION['_current_node'] = $node_name;

// NOTE(review): strip_tags() removes tags but leaves quotes and '&' untouched, so it is not
// a substitute for output encoding; $lk_value later becomes part of $unique_id - verify how
// the template prints it.
$lk_value = strip_tags($_POST['lk_value']);
$_SESSION['_current_level_key'] = $lk_value;

// Look the selected branch up in the tree cached in the session.
$tree = $_SESSION['_tree'];
$child = Ossec::get_child($tree, $lk_name, $lk_value);
$_SESSION['_current_branch'] = $child;

// NOTE(review): $child is indexed without an emptiness check; a lookup miss is not handled here.
$parents = $child['parents'];

// First part of the response: the values from get_ac_type(), each followed by '##__##'.
$ac_data = Ossec::get_ac_type($parents);
echo implode('##__##', $ac_data) . '##__##';

$node_type = Ossec::get_node_type($node_name, $child);
$_SESSION["_current_node_type"] = $node_type;

// Made available to the included template as $sf_data.
$sf_data = array('handler' => 'modify', 'lk_value' => $lk_value);

/*
 * Types:
 *   [1] Attribute
 *   [2] Attributes
 *   [3] Text Node
 *   [4] Node with level <=2
 *   [5] Node with level > 2
 */
switch ($node_type) {
    case 1:
        // Single attribute: pass the selected attribute plus the level-key attribute.
        $attributes = array($node_name => $child['tree']['@attributes'][$node_name], $lk_name => $child['tree']['@attributes'][$lk_name]);
        $unique_id = $lk_value . '_at1';
        // The template path is built from a constant only; no request data reaches include.
        include AV_MAIN_ROOT_PATH . '/ossec/templates/ossec_rules/tpl_attribute.php';
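// Emits the <option> list of rule files for a sensor; $cache, $sensor_id and $file are read
// and (apart from $cache) validated above this excerpt.
ossim_valid($cache, 'true | false', 'illegal:' . _('Cache'));

// Only consult the database when the input passed validation.
if (!ossim_error()) {
    $db = new ossim_db();
    $conn = $db->connect();

    if (!Ossec_utilities::is_sensor_allowed($conn, $sensor_id)) {
        ossim_set_error(_('Error! Sensor not allowed'));
    }

    $db->close();
}

// Invalid input or a sensor the user may not access: answer with a placeholder option only.
if (ossim_error()) {
    echo "<option value=''>" . _('No rule files found') . '</option>';
    exit;
}

// $options_e and $options_ne are appended to, so they are expected to be initialised above.
try {
    $rules = Ossec::get_rule_files($sensor_id, $cache);

    $options_e .= "<optgroup label='" . _('Editable rule file') . "'>\n";
    $options_ne .= "<optgroup label='" . _('Rules files read-only') . "'>\n";

    foreach ($rules as $rule) {
        $selected = $rule == $file ? ' selected="selected"' : '';

        // File names are printed inside a single-quoted attribute and as element text, so
        // encode them for HTML first. Names made of letters, digits, '_', '-' and '.' are
        // unchanged by the encoding.
        $rule_html = htmlspecialchars($rule, ENT_QUOTES, 'UTF-8');

        // Classify the current file. The previous code tested an undefined $v, so every file
        // was classified from an empty argument instead of its own name.
        if (Ossec::is_editable($rule)) {
            $options_e .= "<option style='text-align: left;' {$selected} value='{$rule_html}'>{$rule_html}</option>\n";
        } else {
            $options_ne .= "<option style='text-align: left;' {$selected} value='{$rule_html}'>{$rule_html}</option>\n";
        }
    }

    $options_e .= "</optgroup>\n";
    $options_ne .= "</optgroup>\n";

    echo $options_e . "\n" . $options_ne;
} catch (Exception $e) {
    // Any failure while listing the files degrades to a single placeholder option.
    echo "<option value=''>" . _('No rule files found') . "</option>";
}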
// Collect the syscheck settings that the form below displays. $syscheck is prepared above
// this excerpt.
// NOTE(review): these values come from the sensor's configuration and are presumably printed
// into the form further down - confirm they are HTML-encoded where they are output.
$directories = Ossec::get_nodes($syscheck, 'directories');
$wentries = Ossec::get_nodes($syscheck, 'windows_registry');
$reg_ignores = Ossec::get_nodes($syscheck, 'registry_ignore');
$ignores = Ossec::get_nodes($syscheck, 'ignore');

// Single-valued settings: only element [0][0] of the returned nodes is used.
$frequency = Ossec::get_nodes($syscheck, 'frequency');
$frequency = $frequency[0][0];

$scan_day = Ossec::get_nodes($syscheck, 'scan_day');
$scan_day = $scan_day[0][0];

$scan_time = Ossec::get_nodes($syscheck, 'scan_time');
$scan_time = $scan_time[0][0];

// Scan time split on ':'; an empty array when no scan time is configured.
$st = !empty($scan_time) ? explode(':', $scan_time) : array();

// Yes/no settings fall back to a default when the node is missing or empty:
// auto_ignore -> 'no', alert_new_files -> 'no', scan_on_start -> 'yes'.
$auto_ignore = Ossec::get_nodes($syscheck, 'auto_ignore');
$auto_ignore = empty($auto_ignore[0][0]) ? 'no' : $auto_ignore[0][0];

$alert_new_files = Ossec::get_nodes($syscheck, 'alert_new_files');
$alert_new_files = empty($alert_new_files[0][0]) ? 'no' : $alert_new_files[0][0];

$scan_on_start = Ossec::get_nodes($syscheck, 'scan_on_start');
$scan_on_start = empty($scan_on_start[0][0]) ? 'yes' : $scan_on_start[0][0];

// Option key => display label tables used by the form.
$directory_checks = array(
    'realtime' => 'Realtime',
    'report_changes' => 'Report changes',
    'check_all' => 'Chk all',
    'check_sum' => 'Chk sum',
    'check_sha1sum' => 'Chk sha1sum',
    'check_size' => 'Chk size',
    'check_owner' => 'Chk owner',
    'check_group' => 'Chk group',
    'check_perm' => 'Chk perm'
);

$week_days = array(
    '' => '-- Select a day --',
    'monday' => 'Monday',
    'tuesday' => 'Tuesday',
    'wednesday' => 'Wednesday',
    'thursday' => 'Thursday',
    'friday' => 'Friday',
    'saturday' => 'Saturday',
    'sunday' => 'Sunday'
);

$yes_no = array('yes' => 'Yes', 'no' => 'No');

// '1###' marks a successful response; the form markup that follows is the payload.
echo '1###';
?> <form name='form_syscheck' id='form_syscheck'> <?php if (count($ac_keys) > 1) { ?> <div class='cont_sys_ac'> <label for='ac_key'><?php echo _('Select agent config block'); ?> :</label>
</tr> <?php } ?> </tbody> </table> <div class='cont_savet2'> <input type='button' class='small' id='send_6' value='<?php echo _('Save'); ?> ' onclick="save_config_tab();"/> </div> </div> </form> <?php
        // End of the try block that renders the form; it opens above this excerpt.
        } catch (Exception $e) {
            // '2###' marks an error response.
            // NOTE(review): the exception text is printed into HTML without output encoding.
            // If the message can contain data taken from the sensor or from the request, it
            // should pass through htmlspecialchars() first - confirm what the Ossec
            // exceptions carry.
            echo "2###" . _('We found the followings errors:') . "<div style='padding-left: 15px; text-align:left;'>" . $e->getMessage() . '</div>';
        }
    } elseif ($tab == '#tab3') {
        // Tab 3: return the configuration file content after the '1###' success marker.
        try {
            $conf_data = Ossec::get_configuration_file($sensor_id);
            // NOTE(review): the file content is sent as-is after the marker; how the client
            // inserts it into the page is not visible here - confirm it is treated as text
            // and not as markup.
            echo "1###" . $conf_data['data'];
        } catch (Exception $e) {
            // Same unencoded exception output as in the catch block above.
            echo "2###" . _('We found the followings errors:') . "<div style='padding-left: 15px; text-align:left;'>" . $e->getMessage() . '</div>';
        }
    } else {
        // Unknown tab identifier.
        echo '2###' . _('We found the followings errors') . ": <div style='padding-left: 15px; text-align:left;'>" . _('Illegal action') . '</div>';
    }
}
// Inside a branch that opens above this excerpt: place the $unique_id marker in front of the
// first closing </ossec_config> tag (replacement limit 1).
            $copy_cf = preg_replace("/<\\/\\s*ossec_config\\s*>/", "{$unique_id}</ossec_config>", $copy_cf, 1);
        } else {
            // Alternative branch: start from a document that holds only the marker.
            $copy_cf = "<ossec_config>{$unique_id}</ossec_config>";
        }
    }

    // Swap the marker for the generated syscheck node.
    // NOTE(review): $unique_id is interpolated into the pattern without preg_quote(), and
    // $node_sys is used as the replacement argument, where '$n' and '\n' sequences are read
    // as back-references. Both variables are built above this excerpt - if either can contain
    // request data, a plain str_replace() avoids both interpretations.
    $copy_cf = preg_replace("/{$unique_id}/", $node_sys, $copy_cf);

    $conf_data = Ossec_utilities::formatXmlString($copy_cf);

    try {
        // The call's return value becomes the JSON response.
        $data = Ossec::set_configuration_file($sensor_id, $conf_data);
    } catch (Exception $e) {
        // The exception text is returned to the client verbatim.
        $data['status'] = 'error';
        $data['data'] = $e->getMessage();
    }

    echo json_encode($data);
} else {
    if ($tab == '#tab3') {
        try {
            // Tab 3 saves the whole configuration file: the posted value is base64-decoded,
            // HTML-entity-decoded and handed to set_configuration_file().
            // NOTE(review): no well-formedness or content check of the decoded text is
            // visible in this excerpt; presumably Ossec::set_configuration_file() validates
            // it - confirm, since this text replaces the sensor's agent configuration.
            $new_conf = html_entity_decode(base64_decode($_POST['data']), ENT_QUOTES, 'UTF-8');
            $data = Ossec::set_configuration_file($sensor_id, $new_conf);
        } catch (Exception $e) {
            $data['status'] = 'error';
            $data['data'] = $e->getMessage();
        }

        echo json_encode($data);
    } else {
        // Unknown tab identifier.
        $data['status'] = 'error';
        $data['data'] = _('Error! Illegal action');
        echo json_encode($data);
    }
}
}
require_once dirname(__FILE__) . '/../../conf/config.inc';

Session::logcheck('environment-menu', 'EventsHidsConfig');

// Returns the content of one rule file of a sensor as JSON: {status, data}.
$file = POST('file');
$sensor_id = POST('sensor_id');

// Both parameters are validated before they are used: the sensor id against OSS_HEX, the
// file name against OSS_ALPHA, OSS_SCORE and OSS_DOT.
ossim_valid($sensor_id, OSS_HEX, 'illegal:' . _('Sensor ID'));
ossim_valid($file, OSS_ALPHA, OSS_SCORE, OSS_DOT, 'illegal:' . _('File'));

// The permission lookup only runs for input that passed validation.
if (!ossim_error()) {
    $db = new ossim_db();
    $conn = $db->connect();

    $sensor_allowed = Ossec_utilities::is_sensor_allowed($conn, $sensor_id);
    if (!$sensor_allowed) {
        ossim_set_error(_('Error! Sensor not allowed'));
    }

    $db->close();
}

// Validation or permission failure: report the collected errors and stop.
if (ossim_error()) {
    $error_title = _('We found the followings errors:');
    $error_list = ossim_get_error_clean();

    $data = array(
        'status' => 'error',
        'data' => $error_title . "<div style='padding-left: 15px; text-align:left;'>" . $error_list . '</div>',
    );

    echo json_encode($data);
    exit;
}

//Rule file
// The chosen file becomes the session's current file before it is read.
$_SESSION['_current_file'] = $file;

try {
    $rule_file = Ossec::get_rule_file($sensor_id, $file);

    $data = array(
        'status' => 'success',
        'data' => $rule_file['data'],
    );
} catch (Exception $exception) {
    // The exception text is returned to the client verbatim.
    $data = array(
        'status' => 'error',
        'data' => $exception->getMessage(),
    );
}

echo json_encode($data);