示例#1
<?php

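// Bootstrap for this request handler: session, include root, libraries,
// shared singletons, and selection of the requested action.
// NOTE(review): no session cookie flags (Secure/HttpOnly/SameSite) are set
// in this excerpt; confirm they are enforced in php.ini or the included config.
session_name('nessquik');
session_start();
// Used for including files
if (!defined("_ABSPATH")) {
    define("_ABSPATH", dirname(dirname(__FILE__)));
}
require_once _ABSPATH . '/confs/config-inc.php';
require_once _ABSPATH . '/lib/Smarty.php';
require_once _ABSPATH . '/lib/functions.php';
require_once _ABSPATH . '/lib/Help.php';
$db = nessquikDB::getInstance();
$sa = resultsDB::getInstance();
$_hlp = Help::getInstance();
$tpl = SmartyTemplate::getInstance();
$tpl->template_dir = _ABSPATH . '/templates/';
$tpl->compile_dir = _ABSPATH . '/templates_c/';
// Action selection. Requests with a POST body take the action from POST
// (presumably what the 'P' / 'G' source flags of import_var mean; verify
// in lib/functions.php). Requests without one may only ask for
// "make_report"; every other GET action ends the request here, so the
// remaining actions cannot be triggered by a plain link.
// NOTE(review): requiring POST is not CSRF protection by itself, and no
// token or login check is visible before dispatch in this excerpt; confirm
// one is applied in the included files or inside each action.
if ($_POST) {
    $action = import_var('action', 'P');
} else {
    $action = import_var('action', 'G');
    switch ($action) {
        case "make_report":
            // The original used `continue` here. Inside a switch it acts as
            // `break`, and PHP 7.3+ warns about it; `break` says what is meant.
            break;
        default:
            exit;
    }
}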
switch ($action) {
    case "show_help_categories":
示例#2
 /**
  * Delete every saved scan result stored under one profile.
  *
  * The return value of execute() is not inspected, so a failed delete is
  * not reported to the caller.
  *
  * NOTE(review): the ':1' placeholder sits inside quotes in the SQL text,
  * so injection safety depends entirely on how the project's
  * prepare()/execute() wrapper escapes the bound value; that wrapper is
  * not visible here, so confirm it. This method performs no ownership
  * check of its own; callers presumably verify that the profile belongs
  * to the requesting user.
  *
  * @param mixed $profile_id Profile whose saved results are removed
  */
 private function delete_saved_scan_results($profile_id)
 {
     $query = "DELETE FROM saved_scan_results WHERE profile_id=':1'";
     $statement = resultsDB::getInstance()->prepare($query);
     $statement->execute($profile_id);
 }
示例#3
 /**
  * Return the shared results-database handle, creating it on first use.
  *
  * For the "fermi" release a separate connection is built through
  * parent::db_factory() from the _SAVED_* constants (user, password,
  * database, server, port). Every other release value, including
  * "general", reuses the handle returned by nessquikDB::getInstance().
  *
  * NOTE(review): the _SAVED_* credentials are presumably defined in the
  * site configuration file; keep that file outside the web root and out
  * of version control.
  *
  * @return mixed The cached database handle
  */
 public static function getInstance()
 {
     // Already built on an earlier call: hand back the cached handle.
     if (!empty(self::$instance)) {
         return self::$instance;
     }

     // Loose comparison, as the original switch statement used.
     if (_RELEASE == "fermi") {
         self::$instance = parent::db_factory(_SAVED_DBUSER, _SAVED_DBPASS, _SAVED_DBUSE, _SAVED_DBSERVER, _SAVED_DBPORT);
     } else {
         self::$instance = nessquikDB::getInstance();
     }

     return self::$instance;
 }
示例#4
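 /**
  * Save a scan report to the database
  *
  * After a scan has finished running, nessquik will check
  * to see if the user wanted to save the results to the
  * database. By default, in 2.5, this functionality is
  * turned on. It's become best practice to save the results
  * of scans to the database, otherwise debugging nessquik
  * and using some of its more advanced options becomes
  * impractical.
  *
  * The client key is verified, and checked against the profile, before
  * any other work is done with the caller-supplied values.
  *
  * @param array $params Array of parameters sent to the function
  *	0 - Client key of the scanner
  *	1 - Profile ID to save the results under
  *	2 - The date, in MySQL datetime format, that the
  *	    results were saved to the database
  *	3 - The full scan results to save
  * @return True once the insert has been issued. $this->error
  *	(an IXR_Error, per the original documentation) when the
  *	client key is rejected or may not scan the profile
  */
 public function jobs_saveReport($params)
 {
     // NOTE(review): the four indexes are read without checking that they
     // exist or have the expected types; a short $params array from a
     // client raises PHP notices and binds empty values.
     $client_key = $params[0];
     $profile_id = $params[1];
     $saved_on = $params[2];
     $results = $params[3];

     // Authorise first. The original looked up the profile's username
     // before these checks, so a caller with an invalid key could still
     // drive a lookup against an arbitrary profile ID.
     if (!$this->client_key_ok($client_key)) {
         return $this->error;
     }
     if (!$this->client_key_can_scan_profile($client_key, $profile_id)) {
         return $this->error;
     }

     $db = resultsDB::getInstance();
     $username = $this->username_from_profile($profile_id);

     // NOTE(review): the placeholders are quoted inside the SQL text and
     // ':4' uses double quotes while the others use single quotes. Safety
     // depends on the escaping done by the project's prepare()/execute()
     // wrapper, which is not visible here. The scan results are
     // scanner-supplied data, so confirm both quote styles are escaped.
     $sql = "INSERT INTO saved_scan_results (\n\t\t\t\t`profile_id`,\n\t\t\t\t`username`,\n\t\t\t\t`saved_on`,\n\t\t\t\t`scan_results`) \n\t\t\tVALUES (':1',':2',':3',\":4\");";
     $stmt = $db->prepare($sql);
     // The outcome of execute() is not inspected; true is returned even
     // if the insert failed.
     $stmt->execute($profile_id, $username, $saved_on, $results);

     // Optionally mirror the report into the historic record store.
     if (defined('_USE_RECORD_DB') && _USE_RECORD_DB === true) {
         $this->jobs_saveHistoricReport($params);
     }
     return true;
 }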