commit
c07f0a709b
5
.gitmessage
Normal file
5
.gitmessage
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
<type>[optional scope]: <description>
|
||||||
|
|
||||||
|
[optional body]
|
||||||
|
|
||||||
|
[optional footer]
|
Binary file not shown.
@ -1,4 +1,4 @@
|
|||||||
FROM php:7.2.8-apache-stretch
|
FROM php:apache-stretch
|
||||||
COPY conf/docker-php.ini /usr/local/etc/php/php.ini
|
COPY conf/docker-php.ini /usr/local/etc/php/php.ini
|
||||||
RUN apt update && apt -y install zlib1g-dev mysql-client
|
RUN apt update && apt -y install zlib1g-dev mysql-client
|
||||||
RUN docker-php-ext-install mysqli zip
|
RUN docker-php-ext-install mysqli zip
|
||||||
|
BIN
README.pdf
BIN
README.pdf
Binary file not shown.
44
ajax.php
44
ajax.php
@ -48,10 +48,14 @@
|
|||||||
*/
|
*/
|
||||||
set_time_limit(0);
|
set_time_limit(0);
|
||||||
|
|
||||||
|
include_once 'vendor/autoload.php';
|
||||||
include_once 'config.inc';
|
include_once 'config.inc';
|
||||||
include_once 'import.inc';
|
include_once 'import.inc';
|
||||||
include_once 'helper.inc';
|
include_once 'helper.inc';
|
||||||
|
|
||||||
|
use Monolog\Logger;
|
||||||
|
use Monolog\Handler\StreamHandler;
|
||||||
|
|
||||||
chdir(dirname(__FILE__));
|
chdir(dirname(__FILE__));
|
||||||
|
|
||||||
$db = new db();
|
$db = new db();
|
||||||
@ -229,8 +233,10 @@ elseif ($action == 'get-cat-data') {
|
|||||||
$checklist = $db->get_Checklist_By_File($fname);
|
$checklist = $db->get_Checklist_By_File($fname);
|
||||||
|
|
||||||
if (isset($checklist[0])) {
|
if (isset($checklist[0])) {
|
||||||
$checklist[0]->type = ucfirst($checklist[0]->type);
|
$chk = $checklist[0];
|
||||||
print header(JSON) . json_encode($checklist[0]);
|
|
||||||
|
$chk->type = ucfirst($chk->type);
|
||||||
|
print header(JSON) . json_encode($chk);
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
print header(JSON) . json_encode(array('error' => 'Error finding checklist'));
|
print header(JSON) . json_encode(array('error' => 'Error finding checklist'));
|
||||||
@ -542,8 +548,7 @@ function sw_filter($is_os = false)
|
|||||||
'table_joins' => [
|
'table_joins' => [
|
||||||
"LEFT JOIN `sagacity`.`target_software` ts ON ts.`sft_id` = s.`id`" . ($tgt_id ? " AND ts.`tgt_id` = $tgt_id" : "")
|
"LEFT JOIN `sagacity`.`target_software` ts ON ts.`sft_id` = s.`id`" . ($tgt_id ? " AND ts.`tgt_id` = $tgt_id" : "")
|
||||||
],
|
],
|
||||||
'order' => 's.cpe',
|
'order' => 's.cpe'
|
||||||
'limit' => 25
|
|
||||||
]);
|
]);
|
||||||
|
|
||||||
$sw = $db->help->execute();
|
$sw = $db->help->execute();
|
||||||
@ -1482,9 +1487,11 @@ function get_hosts($cat_id = null)
|
|||||||
$ste_id = filter_input(INPUT_COOKIE, 'ste', FILTER_VALIDATE_INT, FILTER_NULL_ON_FAILURE);
|
$ste_id = filter_input(INPUT_COOKIE, 'ste', FILTER_VALIDATE_INT, FILTER_NULL_ON_FAILURE);
|
||||||
$tgts = [];
|
$tgts = [];
|
||||||
|
|
||||||
|
$exp_scan_srcs = null;
|
||||||
if ($cat_id) {
|
if ($cat_id) {
|
||||||
$ste_cat = $db->get_Category($cat_id)[0];
|
$ste_cat = $db->get_Category($cat_id)[0];
|
||||||
$tgts = $db->get_Target_By_Category($cat_id);
|
$tgts = $db->get_Target_By_Category($cat_id);
|
||||||
|
$exp_scan_srcs = $db->get_Expected_Category_Sources($ste_cat);
|
||||||
}
|
}
|
||||||
elseif (is_numeric($ste_id)) {
|
elseif (is_numeric($ste_id)) {
|
||||||
$tgts = $db->get_Unassigned_Targets($ste_id);
|
$tgts = $db->get_Unassigned_Targets($ste_id);
|
||||||
@ -1494,13 +1501,8 @@ function get_hosts($cat_id = null)
|
|||||||
}
|
}
|
||||||
|
|
||||||
foreach ($tgts as $tgt) {
|
foreach ($tgts as $tgt) {
|
||||||
|
/** @var target $tgt */
|
||||||
$chks = $db->get_Target_Checklists($tgt->get_ID());
|
$chks = $db->get_Target_Checklists($tgt->get_ID());
|
||||||
if ($cat_id) {
|
|
||||||
$exp_scan_srcs = $db->get_Expected_Category_Sources($ste_cat);
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$exp_scan_srcs = null;
|
|
||||||
}
|
|
||||||
$scan_srcs = $db->get_Target_Scan_Sources($tgt, $exp_scan_srcs);
|
$scan_srcs = $db->get_Target_Scan_Sources($tgt, $exp_scan_srcs);
|
||||||
$icons = [];
|
$icons = [];
|
||||||
$icon_str = '';
|
$icon_str = '';
|
||||||
@ -1520,16 +1522,18 @@ function get_hosts($cat_id = null)
|
|||||||
}
|
}
|
||||||
|
|
||||||
foreach ($scan_srcs as $src) {
|
foreach ($scan_srcs as $src) {
|
||||||
$icon = $src['src']->get_Icon();
|
if(isset($src['src']) && is_a($src['src'], 'source')) {
|
||||||
if($src['scan_error']) {
|
$icon = $src['src']->get_Icon();
|
||||||
$icon = strtolower($src['src']->get_Name()) . "-failed.png";
|
if(isset($src['scan_error']) && $src['scan_error']) {
|
||||||
}
|
$icon = strtolower($src['src']->get_Name()) . "-failed.png";
|
||||||
|
}
|
||||||
|
|
||||||
$src_str .= "<img src='/img/scan_types/{$icon}' title='{$src['src']->get_Name()}";
|
$src_str .= "<img src='/img/scan_types/{$icon}' title='{$src['src']->get_Name()}";
|
||||||
if (isset($src['count']) && $src['count']) {
|
if (isset($src['file_name']) && $src['file_name']) {
|
||||||
$src_str .= " ({$src['count']})";
|
$src_str .= "\n{$src['file_name']}";
|
||||||
|
}
|
||||||
|
$src_str .= "' class='checklist_image' />";
|
||||||
}
|
}
|
||||||
$src_str .= "' class='checklist_image' />";
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$ret['targets'][] = array_merge([
|
$ret['targets'][] = array_merge([
|
||||||
@ -1552,8 +1556,8 @@ function get_hosts($cat_id = null)
|
|||||||
'cat_1' => $tgt->getCat1Count(),
|
'cat_1' => $tgt->getCat1Count(),
|
||||||
'cat_2' => $tgt->getCat2Count(),
|
'cat_2' => $tgt->getCat2Count(),
|
||||||
'cat_3' => $tgt->getCat3Count(),
|
'cat_3' => $tgt->getCat3Count(),
|
||||||
'comp' => $tgt->getCompliantPercent(),
|
'comp' => floatval(number_format($tgt->getCompliantPercent(), 6)),
|
||||||
'assessed' => $tgt->getAssessedPercent()
|
'assessed' => floatval(number_format($tgt->getAssessedPercent(), 6))
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -21,6 +21,7 @@
|
|||||||
* - May 13, 2017 - Added WindowsFirewall.jpg image for checklist
|
* - May 13, 2017 - Added WindowsFirewall.jpg image for checklist
|
||||||
* - May 19, 2017 - Fixed typo for WindowsFirewall
|
* - May 19, 2017 - Fixed typo for WindowsFirewall
|
||||||
* - Aug 23, 2017 - JO, Expanded checklist icons
|
* - Aug 23, 2017 - JO, Expanded checklist icons
|
||||||
|
* - Nov 6, 2018 - Deleted duplicate BIND 9 checklist icon entry
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -545,9 +546,6 @@ class checklist
|
|||||||
case (preg_match("/Mobile Device/i", $this->name) ? true : false):
|
case (preg_match("/Mobile Device/i", $this->name) ? true : false):
|
||||||
$this->icon = 'mobile-device.jpg';
|
$this->icon = 'mobile-device.jpg';
|
||||||
break;
|
break;
|
||||||
case (preg_match("/BIND 9/i", $this->name) ? true : false):
|
|
||||||
$this->icon = 'BIND DNS.jpg';
|
|
||||||
break;
|
|
||||||
case (preg_match("/Remote Access/i", $this->name) ? true : false):
|
case (preg_match("/Remote Access/i", $this->name) ? true : false):
|
||||||
$this->icon = 'remote-access.gif';
|
$this->icon = 'remote-access.gif';
|
||||||
break;
|
break;
|
||||||
|
1159
classes/finding.inc
1159
classes/finding.inc
File diff suppressed because it is too large
Load Diff
@ -13,6 +13,8 @@
|
|||||||
* Change Log:
|
* Change Log:
|
||||||
* - Jan 16, 2018 - File created
|
* - Jan 16, 2018 - File created
|
||||||
* - Feb 6, 2018 - Added getter/setter methods
|
* - Feb 6, 2018 - Added getter/setter methods
|
||||||
|
* - Nov 6, 2018 - Deleted unused constructor
|
||||||
|
* - Nov 8, 2018 - Added method to increase finding count
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -65,14 +67,6 @@ class host_list
|
|||||||
*/
|
*/
|
||||||
private $_scanNotes = null;
|
private $_scanNotes = null;
|
||||||
|
|
||||||
/**
|
|
||||||
* Constructor
|
|
||||||
*/
|
|
||||||
public function __construct()
|
|
||||||
{
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Getter function for _targetId
|
* Getter function for _targetId
|
||||||
*
|
*
|
||||||
@ -153,6 +147,16 @@ class host_list
|
|||||||
$this->_findingCount = $intFindingCount;
|
$this->_findingCount = $intFindingCount;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Method to add findings to the count
|
||||||
|
*
|
||||||
|
* @param int $intFindingCount
|
||||||
|
*/
|
||||||
|
public function addFindingCount($intFindingCount)
|
||||||
|
{
|
||||||
|
$this->_findingCount += $intFindingCount;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Getter function for _scanError
|
* Getter function for _scanError
|
||||||
*
|
*
|
||||||
|
1451
classes/import.inc
1451
classes/import.inc
File diff suppressed because it is too large
Load Diff
@ -83,7 +83,7 @@ class scan
|
|||||||
/**
|
/**
|
||||||
* Array of hosts
|
* Array of hosts
|
||||||
*
|
*
|
||||||
* @var array
|
* @var array:host_list
|
||||||
*/
|
*/
|
||||||
protected $host_list = array();
|
protected $host_list = array();
|
||||||
|
|
||||||
@ -614,6 +614,31 @@ class scan
|
|||||||
$this->host_count = $total_host_count_in;
|
$this->host_count = $total_host_count_in;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Method to set a host error
|
||||||
|
*
|
||||||
|
* @param int $tgt_id
|
||||||
|
* @param boolean $is_error
|
||||||
|
* @param string $err_msg
|
||||||
|
*
|
||||||
|
* @return boolean
|
||||||
|
*/
|
||||||
|
public function set_Host_Error($tgt_id, $is_error, $err_msg = null)
|
||||||
|
{
|
||||||
|
if(isset($this->host_list[$tgt_id])) {
|
||||||
|
$h = $this->host_list[$tgt_id];
|
||||||
|
|
||||||
|
$h->setScanError($is_error);
|
||||||
|
$h->setScanNotes($err_msg);
|
||||||
|
|
||||||
|
$this->host_list[$tgt_id] = $h;
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Function to return string of the td row for the upload progress page
|
* Function to return string of the td row for the upload progress page
|
||||||
*
|
*
|
||||||
|
@ -254,10 +254,10 @@ class ste_cat
|
|||||||
*/
|
*/
|
||||||
public function get_Table_Row($intCount = 0, $status_count = null)
|
public function get_Table_Row($intCount = 0, $status_count = null)
|
||||||
{
|
{
|
||||||
$nf = 0;
|
$nf = $this->nf;
|
||||||
$open = 0;
|
$open = $this->open;
|
||||||
$na = 0;
|
$na = $this->na;
|
||||||
if (!is_null($status_count)) {
|
if (!is_null($status_count) && is_array($status_count)) {
|
||||||
if (isset($status_count['nf'])) {
|
if (isset($status_count['nf'])) {
|
||||||
$nf = $status_count['nf'];
|
$nf = $status_count['nf'];
|
||||||
}
|
}
|
||||||
@ -271,6 +271,10 @@ class ste_cat
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if(!$intCount) {
|
||||||
|
$intCount = $this->tgt_count;
|
||||||
|
}
|
||||||
|
|
||||||
$cat_sources = [];
|
$cat_sources = [];
|
||||||
if (is_array($this->sources) && count($this->sources)) {
|
if (is_array($this->sources) && count($this->sources)) {
|
||||||
foreach ($this->sources as $src) {
|
foreach ($this->sources as $src) {
|
||||||
|
@ -110,7 +110,7 @@ class system {
|
|||||||
/**
|
/**
|
||||||
* System diagram
|
* System diagram
|
||||||
*
|
*
|
||||||
* @var binary
|
* @var mixed
|
||||||
*/
|
*/
|
||||||
protected $diagram = null;
|
protected $diagram = null;
|
||||||
|
|
||||||
@ -294,7 +294,7 @@ class system {
|
|||||||
/**
|
/**
|
||||||
* Getter function for system diagram
|
* Getter function for system diagram
|
||||||
*
|
*
|
||||||
* @return binary
|
* @return mixed
|
||||||
*/
|
*/
|
||||||
public function get_Diagram() {
|
public function get_Diagram() {
|
||||||
return $this->diagram;
|
return $this->diagram;
|
||||||
@ -303,7 +303,7 @@ class system {
|
|||||||
/**
|
/**
|
||||||
* Setter function for system diagram
|
* Setter function for system diagram
|
||||||
*
|
*
|
||||||
* @param binary $bin_diag_in
|
* @param mixed $bin_diag_in
|
||||||
*/
|
*/
|
||||||
public function set_Diagram($bin_diag_in) {
|
public function set_Diagram($bin_diag_in) {
|
||||||
$this->diagram = $bin_diag_in;
|
$this->diagram = $bin_diag_in;
|
||||||
|
@ -147,8 +147,7 @@ innodb_log_group_home_dir = "C:/xampp/mysql/data"
|
|||||||
#innodb_log_arch_dir = "C:/xampp/mysql/data"
|
#innodb_log_arch_dir = "C:/xampp/mysql/data"
|
||||||
## You can set .._buffer_pool_size up to 50 - 80 %
|
## You can set .._buffer_pool_size up to 50 - 80 %
|
||||||
## of RAM but beware of setting memory usage too high
|
## of RAM but beware of setting memory usage too high
|
||||||
innodb_buffer_pool_size = 16M
|
innodb_buffer_pool_size = 20M
|
||||||
innodb_additional_mem_pool_size = 2M
|
|
||||||
## Set .._log_file_size to 25 % of buffer pool size
|
## Set .._log_file_size to 25 % of buffer pool size
|
||||||
innodb_log_file_size = 5M
|
innodb_log_file_size = 5M
|
||||||
innodb_log_buffer_size = 8M
|
innodb_log_buffer_size = 8M
|
||||||
|
2050
conf/php-dev.ini
Normal file
2050
conf/php-dev.ini
Normal file
File diff suppressed because it is too large
Load Diff
14
conf/php.ini
14
conf/php.ini
@ -2039,17 +2039,3 @@ eaccelerator.shm_prune_period="0"
|
|||||||
; on session data and content caching.
|
; on session data and content caching.
|
||||||
; Default value is "0" that means - use disk and shared memory for caching.
|
; Default value is "0" that means - use disk and shared memory for caching.
|
||||||
eaccelerator.shm_only="0"
|
eaccelerator.shm_only="0"
|
||||||
|
|
||||||
[XDebug]
|
|
||||||
;zend_extension = "C:\xampp\php\ext\php_xdebug.dll"
|
|
||||||
;xdebug.profiler_append = 0
|
|
||||||
;xdebug.profiler_enable = 1
|
|
||||||
;xdebug.profiler_enable_trigger = 0
|
|
||||||
;xdebug.profiler_output_dir = "C:\xampp\tmp"
|
|
||||||
;xdebug.profiler_output_name = "cachegrind.out.%t-%s"
|
|
||||||
;xdebug.remote_enable = 1
|
|
||||||
;xdebug.remote_handler = "dbgp"
|
|
||||||
;xdebug.remote_port = 9000
|
|
||||||
;xdebug.remote_host = "127.0.0.1"
|
|
||||||
;xdebug.remote_connect_back = 1
|
|
||||||
;xdebug.trace_output_dir = "C:\xampp\tmp"
|
|
||||||
|
BIN
conf/php_xdebug-2.6.0-7.2-vc15.dll
Normal file
BIN
conf/php_xdebug-2.6.0-7.2-vc15.dll
Normal file
Binary file not shown.
@ -30,8 +30,8 @@ define('E_DEBUG', 65535);
|
|||||||
define('DOC_ROOT', '{DOC_ROOT}');
|
define('DOC_ROOT', '{DOC_ROOT}');
|
||||||
define('PWD_FILE', '{PWD_FILE}');
|
define('PWD_FILE', '{PWD_FILE}');
|
||||||
define('TMP', '{TMP_PATH}');
|
define('TMP', '{TMP_PATH}');
|
||||||
define('VER', '1.3.3');
|
define('VER', '1.3.4');
|
||||||
define('REL_DATE', '2018-08-31');
|
define('REL_DATE', '2018-11-30');
|
||||||
define('LOG_LEVEL', '{E_ERROR}');
|
define('LOG_LEVEL', '{E_ERROR}');
|
||||||
define('LOG_PATH', '{LOG_PATH}');
|
define('LOG_PATH', '{LOG_PATH}');
|
||||||
define('SALT', '{SALT}');
|
define('SALT', '{SALT}');
|
||||||
|
288
data/catmgmt.inc
288
data/catmgmt.inc
@ -13,29 +13,30 @@
|
|||||||
* Change Log:
|
* Change Log:
|
||||||
* - May 2, 2018 - File created, Moved catalog mgmt html content from index page to this for easier viewing and refined the code a little
|
* - May 2, 2018 - File created, Moved catalog mgmt html content from index page to this for easier viewing and refined the code a little
|
||||||
*/
|
*/
|
||||||
|
global $db;
|
||||||
?>
|
?>
|
||||||
|
|
||||||
<script src='/script/datatables/DataTables-1.10.9/js/jquery.dataTables.min.js'></script>
|
<script
|
||||||
<link rel="stylesheet" href="/script/datatables/DataTables-1.10.9/css/jquery.dataTables.min.css" />
|
src='/script/datatables/DataTables-1.10.9/js/jquery.dataTables.min.js'></script>
|
||||||
<link rel='stylesheet' href='/script/jquery-ui/jquery-ui.min.css' />
|
<link rel="stylesheet"
|
||||||
|
href="/script/datatables/DataTables-1.10.9/css/jquery.dataTables.min.css" />
|
||||||
|
<link rel='stylesheet' href='/script/jquery-ui/jquery-ui.theme.min.css' />
|
||||||
|
|
||||||
<style type='text/css'>
|
<style type='text/css'>
|
||||||
#availableSoftware {
|
#availableSoftware {
|
||||||
height: 227px;
|
height: 227px;
|
||||||
width: 240px;
|
width: 240px;
|
||||||
overflow-x: scroll;
|
overflow-x: scroll;
|
||||||
font-size: 14px;
|
font-size: 14px;
|
||||||
line-height: 1.25em;
|
line-height: 1.25em;
|
||||||
}
|
}
|
||||||
|
|
||||||
.swmouseover {
|
.swmouseover {
|
||||||
background-color: #1D57A0;
|
background-color: #1D57A0;
|
||||||
color: #fff;
|
color: #fff;
|
||||||
cursor: pointer;
|
cursor: pointer;
|
||||||
}
|
}
|
||||||
</style>
|
</style>
|
||||||
<script src='data.min.js' type='text/javascript'></script>
|
|
||||||
<script type='text/javascript'>
|
<script type='text/javascript'>
|
||||||
$(function () {
|
$(function () {
|
||||||
$('#catalog').DataTable({
|
$('#catalog').DataTable({
|
||||||
@ -45,73 +46,226 @@
|
|||||||
close_box();
|
close_box();
|
||||||
});
|
});
|
||||||
$('#release-date').datepicker();
|
$('#release-date').datepicker();
|
||||||
$('.button,.button-delete').mouseover(function(){$(this).addClass('mouseover');});
|
|
||||||
$('.button,.button-delete').mouseout(function(){$(this).removeClass('mouseover');});
|
|
||||||
});
|
});
|
||||||
</script>
|
|
||||||
<style type="text/css">
|
function close_box() {
|
||||||
thead {
|
$('.backdrop, .box').animate({
|
||||||
background-image: linear-gradient(to bottom, #ECECEC, rgba(177,177,177,0.72));
|
'opacity': '0'
|
||||||
color: #4c4c4c;
|
}, 300, 'linear', function () {
|
||||||
|
$('.backdrop, .box').css('display', 'none');
|
||||||
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function view_box() {
|
||||||
|
$('.backdrop').animate({
|
||||||
|
'opacity': '.5'
|
||||||
|
}, 300, 'linear');
|
||||||
|
$('.backdrop').css('display', 'block');
|
||||||
|
}
|
||||||
|
|
||||||
|
function get_cat_data(fname) {
|
||||||
|
$('#popup').animate({
|
||||||
|
'opacity': '1.00'
|
||||||
|
}, 300, 'linear');
|
||||||
|
$('#popup').css('display', 'block');
|
||||||
|
view_box();
|
||||||
|
|
||||||
|
$.ajax('/ajax.php', {
|
||||||
|
data: {
|
||||||
|
action: 'get-cat-data',
|
||||||
|
'fname': fname
|
||||||
|
},
|
||||||
|
beforeSend: function () {
|
||||||
|
$('#id').val('');
|
||||||
|
$('#checklist-id').text('');
|
||||||
|
$('#name').val('');
|
||||||
|
$('#description').val('');
|
||||||
|
$('#version').text('');
|
||||||
|
$('#release').text('');
|
||||||
|
$('#icon').val('');
|
||||||
|
$('#type').text('');
|
||||||
|
$('#software option').remove();
|
||||||
|
$('#cpe').val('');
|
||||||
|
},
|
||||||
|
success: function (data) {
|
||||||
|
$('#id').val(data.id);
|
||||||
|
$('#checklist-id').text(data.checklist_id);
|
||||||
|
$('#name').val(data.name);
|
||||||
|
$('#description').val(data.description);
|
||||||
|
$('#version').text(data.ver);
|
||||||
|
$('#release').text(data.release);
|
||||||
|
$('#icon').val(data.icon);
|
||||||
|
$('#type').text(data.type);
|
||||||
|
|
||||||
|
var dt = new Date(data.date.date);
|
||||||
|
$('#release-date').val(dt.getMonth() + "/" + dt.getDate() + '/' + dt.getFullYear());
|
||||||
|
|
||||||
|
for (var x in data.sw) {
|
||||||
|
$('#software').append("<option id='" + data.sw[x].id + "'>" +
|
||||||
|
data.sw[x].man + " " + data.sw[x].name + " " + data.sw[x].ver +
|
||||||
|
"</option>");
|
||||||
|
}
|
||||||
|
|
||||||
|
$('#software option').dblclick(remove_Software);
|
||||||
|
},
|
||||||
|
error: function (xhr, status, error) {
|
||||||
|
console.error(error);
|
||||||
|
},
|
||||||
|
timeout: 3000,
|
||||||
|
method: 'post',
|
||||||
|
dataType: 'json'
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
function remove_Software() {
|
||||||
|
$.ajax("/ajax.php", {
|
||||||
|
data: {
|
||||||
|
action: 'checklist-remove-software',
|
||||||
|
chk_id: $('#id').val(),
|
||||||
|
sw_id: $(this).attr('id')
|
||||||
|
},
|
||||||
|
success: function (data) {
|
||||||
|
if (data.error) {
|
||||||
|
alert(data.error);
|
||||||
|
}
|
||||||
|
else if (data.success) {
|
||||||
|
alert(data.success);
|
||||||
|
}
|
||||||
|
},
|
||||||
|
error: function (xhr, status, error) {
|
||||||
|
console.error(error);
|
||||||
|
},
|
||||||
|
dataType: 'json',
|
||||||
|
timeout: 3000,
|
||||||
|
method: 'post'
|
||||||
|
});
|
||||||
|
|
||||||
|
$(this).remove();
|
||||||
|
}
|
||||||
|
|
||||||
|
function autocomplete_software() {
|
||||||
|
if ($('#cpe').val().length < 3) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
$.ajax('/ajax.php', {
|
||||||
|
data: {
|
||||||
|
action: ($('#os').is(":checked") ? 'os_filter' : 'sw_filter'),
|
||||||
|
filter: $('#cpe').val()
|
||||||
|
},
|
||||||
|
success: function (data) {
|
||||||
|
$('#availableSoftware div').remove();
|
||||||
|
for (var x in data) {
|
||||||
|
$('#availableSoftware').append("<div sw_id='" + data[x].sw_id + "' cpe='" + data[x].cpe + "'>" + data[x].sw_string + "</div>");
|
||||||
|
}
|
||||||
|
$('#availableSoftware').show();
|
||||||
|
|
||||||
|
$('#availableSoftware div').each(function () {
|
||||||
|
$(this).on("mouseover", function () {
|
||||||
|
$(this).addClass("swmouseover");
|
||||||
|
});
|
||||||
|
$(this).on("mouseout", function () {
|
||||||
|
$(this).removeClass("swmouseover");
|
||||||
|
});
|
||||||
|
$(this).on("click", function () {
|
||||||
|
add_software($(this).attr('sw_id'));
|
||||||
|
$('#software').append("<option value='" + $(this).attr('sw_id') + "' ondblclick='remove_Software();$(this).remove();'>" + $(this).html() + "</option>");
|
||||||
|
$(this).remove();
|
||||||
|
});
|
||||||
|
});
|
||||||
|
},
|
||||||
|
error: function (xhr, status, error) {
|
||||||
|
console.error(error);
|
||||||
|
},
|
||||||
|
dataType: 'json',
|
||||||
|
method: 'post',
|
||||||
|
timeout: 5000
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
function add_software(sw_id) {
|
||||||
|
$.ajax('/ajax.php', {
|
||||||
|
data: {
|
||||||
|
action: 'checklist-add-software',
|
||||||
|
'sw_id': sw_id,
|
||||||
|
chk_id: $('#id').val()
|
||||||
|
},
|
||||||
|
success: function (data) {
|
||||||
|
alert(data.status);
|
||||||
|
},
|
||||||
|
error: function (xhr, status, error) {
|
||||||
|
console.error(error);
|
||||||
|
},
|
||||||
|
dataType: 'json',
|
||||||
|
method: 'post',
|
||||||
|
timeout: 3000
|
||||||
|
});
|
||||||
|
}
|
||||||
|
</script>
|
||||||
|
<style type="text/css">
|
||||||
|
thead {
|
||||||
|
background-image: linear-gradient(to bottom, #ECECEC, rgba(177, 177, 177, 0.72));
|
||||||
|
color: #4c4c4c;
|
||||||
|
}
|
||||||
</style>
|
</style>
|
||||||
|
|
||||||
<div>
|
<div>
|
||||||
<table id='catalog' class='display'>
|
<table id='catalog' class='display'>
|
||||||
<thead>
|
<thead>
|
||||||
<tr>
|
<tr>
|
||||||
<th>File Name</th>
|
<th>File Name</th>
|
||||||
<th>Status</th>
|
<th>Status</th>
|
||||||
<th>Start Time</th>
|
<th>Start Time</th>
|
||||||
<th>% Complete</th>
|
<th>% Complete</th>
|
||||||
<th>STIG Count</th>
|
<th>STIG Count</th>
|
||||||
</tr>
|
<th>eChecklist</th>
|
||||||
</thead>
|
</tr>
|
||||||
|
</thead>
|
||||||
|
|
||||||
<tbody>
|
<tbody>
|
||||||
<?php
|
<?php
|
||||||
$cat_scripts = $db->get_Catalog_Script();
|
$cat_scripts = $db->get_Catalog_Script();
|
||||||
$odd = true;
|
foreach ($cat_scripts as $cat_script) {
|
||||||
foreach ($cat_scripts as $key => $cat_script) {
|
print <<<EOR
|
||||||
print <<<EOL
|
|
||||||
<tr>
|
<tr>
|
||||||
<td onclick='javascript:get_cat_data("{$cat_script->file_name}");'><a href='javascript:void(0);'>{$cat_script->file_name}</a></td>
|
<td onclick='javascript:get_cat_data("{$cat_script->file_name}");'>
|
||||||
|
<a href='javascript:void(0);'>{$cat_script->file_name}</a>
|
||||||
|
</td>
|
||||||
<td>{$cat_script->status}</td>
|
<td>{$cat_script->status}</td>
|
||||||
<td>{$cat_script->start_time->format("Y-m-d H:i:s")}</td>
|
<td>{$cat_script->start_time->format("Y-m-d H:i:s")}</td>
|
||||||
<td>{$cat_script->perc_comp}</td>
|
<td>{$cat_script->perc_comp}</td>
|
||||||
<td>{$cat_script->stig_count}</td>
|
<td>{$cat_script->stig_count}</td>
|
||||||
|
<td>
|
||||||
|
<a href='/data/gen-echecklist.php?id={$cat_script->id}' target='_blank'><img src='/img/scan_types/echecklist.png' style='width:32px'; /></a>
|
||||||
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
EOL;
|
|
||||||
}
|
|
||||||
|
|
||||||
?>
|
EOR;
|
||||||
</tbody>
|
}
|
||||||
</table>
|
?>
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div id='popup' class='box'>
|
<div id='popup' class='box'>
|
||||||
<div style='display:inline-block;width:49%;vertical-align:top;'>
|
<div style='display: inline-block; width: 49%; vertical-align: top;'>
|
||||||
<input type='hidden' id='id' />
|
<input type='hidden' id='id' />
|
||||||
Checklist ID: <span id='checklist-id'></span><br />
|
Checklist ID: <span id='checklist-id'></span><br />
|
||||||
Name: <input type='text' id='name' /><br />
|
Name: <input type='text' id='name' /><br />
|
||||||
Description: <textarea id='description'></textarea><br />
|
Description: <input type='text' id='description' /><br />
|
||||||
Version: <span id='version'></span><br />
|
Version: <span id='version'></span><br />
|
||||||
Release: <span id='release'></span><br />
|
Release: <span id='release'></span><br />
|
||||||
Release Date: <input type='text' id='release-date' /><br />
|
Release Date: <input type='text' id='release-date' /><br />
|
||||||
Icon: <input type='text' id='icon' title='Put file in <?php print realpath(DOC_ROOT . "/img/checklist_icons") ?> and copy/paste the base filename here' /><br />
|
Icon: <input type='text' id='icon' /><br />
|
||||||
Type: <span id='type'></span><br />
|
Type: <span id='type'></span>
|
||||||
<input type='button' class="button" value='Save' onclick='save_checklist();' />
|
</div>
|
||||||
<!-- <input type='button' class='button-delete' value='Delete' onclick='' /> -->
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div style='display:inline-block;width:49%;'>
|
<div style='display: inline-block; width: 49%;'>
|
||||||
<select id='software' multiple size='10' style='width:275px;' title='Double-click to remove software'></select><br />
|
<select id='software' multiple size='10'></select><br />
|
||||||
|
Add CPE: <input type='text' id='cpe' onkeyup='javascript:autocomplete_software();' />
|
||||||
Add CPE: <input type='text' id='cpe' onkeyup='javascript:autocomplete_software();' />
|
<label for='os'>OS?</label> <input type='checkbox' id='os' /><br />
|
||||||
<label for='os'>OS?</label>
|
<div id="availableSoftware"></div>
|
||||||
<input type='checkbox' id='os' /><br />
|
</div>
|
||||||
<div id="availableSoftware"></div>
|
|
||||||
</div>
|
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div class="backdrop"></div>
|
<div class="backdrop"></div>
|
197
data/gen-echecklist.php
Normal file
197
data/gen-echecklist.php
Normal file
@ -0,0 +1,197 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
set_time_limit(0);
|
||||||
|
require_once 'config.inc';
|
||||||
|
require_once 'helper.inc';
|
||||||
|
require_once 'vendor/autoload.php';
|
||||||
|
require_once 'database.inc';
|
||||||
|
require_once 'excelConditionalStyles.inc';
|
||||||
|
|
||||||
|
use PhpOffice\PhpSpreadsheet\Writer\Xlsx;
|
||||||
|
use Monolog\Logger;
|
||||||
|
use Monolog\Handler\StreamHandler;
|
||||||
|
|
||||||
|
$log_level = convert_log_level();
|
||||||
|
$log = new Logger("eChecklist-export");
|
||||||
|
$log->pushHandler(new StreamHandler(LOG_PATH . "/echecklist-export.log", $log_level));
|
||||||
|
|
||||||
|
global $conditions, $validation, $borders;
|
||||||
|
|
||||||
|
$db = new db();
|
||||||
|
$id = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT, FILTER_NULL_ON_FAILURE);
|
||||||
|
|
||||||
|
if(!$id) {
|
||||||
|
die("Failed to read checklist ID");
|
||||||
|
}
|
||||||
|
|
||||||
|
$host_status = [
|
||||||
|
$conditions['open'],
|
||||||
|
$conditions['exception'],
|
||||||
|
$conditions['false_positive'],
|
||||||
|
$conditions['not_a_finding'],
|
||||||
|
$conditions['not_applicable'],
|
||||||
|
$conditions['no_data'],
|
||||||
|
$conditions['not_reviewed'],
|
||||||
|
$conditions['true'],
|
||||||
|
$conditions['false']
|
||||||
|
];
|
||||||
|
|
||||||
|
/** @var checklist $chk */
|
||||||
|
$chk = $db->get_Checklist($id);
|
||||||
|
if(is_array($chk) && count($chk) && isset($chk[0])) {
|
||||||
|
$chk = $chk[0];
|
||||||
|
} else {
|
||||||
|
die("Failed to find the checklist");
|
||||||
|
}
|
||||||
|
|
||||||
|
$Reader = \PhpOffice\PhpSpreadsheet\IOFactory::createReaderForFile("../ste/eChecklist-Template.xlsx");
|
||||||
|
$ss = $Reader->load("../ste/eChecklist-Template.xlsx");
|
||||||
|
|
||||||
|
$log->debug("Loaded template");
|
||||||
|
|
||||||
|
$ss->setActiveSheetIndexByName('Cover Sheet')
|
||||||
|
->setCellValue("B5", "{$chk->get_Name()} eChecklist")
|
||||||
|
->setCellValue("B9", "")
|
||||||
|
->setCellValue("B2", (substr($chk->get_File_Name(), 0, 1) == 'U' ? "UNCLASSIFIED" : "FOUO"))
|
||||||
|
->setCellValue("B12", "by:\r" . COMPANY . "\r" . COMP_ADD)
|
||||||
|
->setCellValue("B15", "Derived from: " . SCG . "\rReasons: <reasons>\rDeclassify on: " . DECLASSIFY_ON);
|
||||||
|
|
||||||
|
// set properties
|
||||||
|
$ss->getProperties()
|
||||||
|
->setCreator(CREATOR);
|
||||||
|
$ss->getProperties()
|
||||||
|
->setLastModifiedBy(LAST_MODIFIED_BY);
|
||||||
|
$ss->getProperties()
|
||||||
|
->setCompany(COMPANY);
|
||||||
|
$ss->getProperties()
|
||||||
|
->setTitle("{$chk->get_Name()} eChecklist");
|
||||||
|
$ss->getProperties()
|
||||||
|
->setSubject("{$chk->get_Name()} eChecklist");
|
||||||
|
$ss->getProperties()
|
||||||
|
->setDescription("{$chk->get_Name()} eChecklist");
|
||||||
|
|
||||||
|
// set active sheet
|
||||||
|
$ss->setActiveSheetIndex(2);
|
||||||
|
$sheet = $ss->getActiveSheet();
|
||||||
|
$sheet->setCellValue("B9", "{$chk->get_Name()} V{$chk->get_Version()}R{$chk->get_Release()} ({$chk->get_type()})");
|
||||||
|
$sheet->setTitle($chk->get_Name());
|
||||||
|
$sheet->setCellValue("A1", (substr($chk->get_File_Name(), 0, 1) == 'U' ? "UNCLASSIFIED" : "UNCLASSIFIED//FOUO"));
|
||||||
|
|
||||||
|
$db->help->select("pdi", null, [
|
||||||
|
[
|
||||||
|
'field' => 'pcl.checklist_id',
|
||||||
|
'op' => '=',
|
||||||
|
'value' => $id
|
||||||
|
]
|
||||||
|
], [
|
||||||
|
'table_joins' => [
|
||||||
|
"JOIN pdi_checklist_lookup pcl ON pcl.pdi_id = pdi.pdi_id"
|
||||||
|
]
|
||||||
|
]);
|
||||||
|
$pdis = $db->help->execute();
|
||||||
|
|
||||||
|
$row = 11;
|
||||||
|
if(is_array($pdis) && count($pdis)) {
|
||||||
|
foreach($pdis as $p) {
|
||||||
|
$overall_str = "=IF(" .
|
||||||
|
"COUNTIF(F{$row}:F{$row},\"Open\")+" .
|
||||||
|
"COUNTIF(F{$row}:F{$row},\"Exception\")" .
|
||||||
|
">0,\"Open\",\"Not a Finding\")";
|
||||||
|
$same_str = "=IF(" .
|
||||||
|
"COUNTIF(F{$row}:F{$row},F{$row})=" .
|
||||||
|
"COLUMNS(F{$row}:F{$row}), TRUE, FALSE)";
|
||||||
|
|
||||||
|
$sheet->setCellValue("A{$row}", $p['STIG_ID'])
|
||||||
|
->setCellValue("B{$row}", $p['VMS_ID'])
|
||||||
|
->setCellValue("C{$row}", $p['CAT'])
|
||||||
|
->setCellValue("D{$row}", $p['IA_Controls'])
|
||||||
|
->setCellValue("E{$row}", $p['short_title'])
|
||||||
|
->setCellValue("F{$row}", "Not Reviewed")
|
||||||
|
->setCellValue("G{$row}", $overall_str)
|
||||||
|
->setCellValue("H{$row}", $same_str, true)
|
||||||
|
->setCellValue("I{$row}", "")
|
||||||
|
->setCellValue("J{$row}", $p['check_contents'])
|
||||||
|
->getStyle("H11:H{$sheet->getHighestDataRow()}")
|
||||||
|
->setConditionalStyles([$conditions['true'], $conditions['false']]);
|
||||||
|
$row++;
|
||||||
|
}
|
||||||
|
|
||||||
|
$sheet->setDataValidation("F11:F{$row}", clone $validation['host_status']);
|
||||||
|
$sheet->getStyle("F11:G{$row}")
|
||||||
|
->setConditionalStyles($host_status);
|
||||||
|
$sheet->getStyle("C11:C{$row}")
|
||||||
|
->setConditionalStyles(array($conditions['cat_1'], $conditions['cat_2'], $conditions['cat_3']));
|
||||||
|
|
||||||
|
$sheet->getStyle("I11:I{$row}")
|
||||||
|
->setConditionalStyles(
|
||||||
|
[
|
||||||
|
$conditions['open_conflict'],
|
||||||
|
$conditions['nf_na_conflict']
|
||||||
|
]
|
||||||
|
);
|
||||||
|
|
||||||
|
$sheet->getStyle("A1:I{$row}")
|
||||||
|
->applyFromArray($borders);
|
||||||
|
$sheet->freezePane("A11");
|
||||||
|
$sheet->setAutoFilter("A10:I10");
|
||||||
|
|
||||||
|
$sheet->getColumnDimension("F")->setWidth(14.14);
|
||||||
|
$sheet->setCellValue("F8", "=COUNTIFS(F11:F{$row}, \"Open\", \$C\$11:\$C\${$row}, \"I\")")
|
||||||
|
->setCellValue("F9", "=COUNTIF(F11:F{$row}, \"Not Reviewed\")")
|
||||||
|
->setCellValue("F10", "Example");
|
||||||
|
$sheet->getStyle("F10")
|
||||||
|
->getFont()
|
||||||
|
->setBold(true);
|
||||||
|
$sheet->getStyle("F10")
|
||||||
|
->getFill()
|
||||||
|
->setFillType(\PhpOffice\PhpSpreadsheet\Style\Fill::FILL_SOLID)
|
||||||
|
->setStartColor($GLOBALS['yellow']);
|
||||||
|
|
||||||
|
$open_cat_1 = "=COUNTIFS(F11:F{$row}, \"Open\", \$C\$11:\$C\${$row}, \"I\")";
|
||||||
|
$open_cat_2 = "=COUNTIFS(F11:F{$row}, \"Open\", \$C\$11:\$C\${$row}, \"II\")";
|
||||||
|
$open_cat_3 = "=COUNTIFS(F11:F{$row}, \"Open\", \$C\$11:\$C\${$row}, \"III\")";
|
||||||
|
$not_a_finding = "=COUNTIF(F11:F{$row}, \"Not a Finding\")";
|
||||||
|
$not_applicable = "=COUNTIF(F11:F{$row}, \"Not Applicable\")";
|
||||||
|
$not_reviewed = "=COUNTIF(F11:F{$row}, \"Not Reviewed\")";
|
||||||
|
|
||||||
|
$sheet->getStyle("G8:H8")
|
||||||
|
->getFill()
|
||||||
|
->setFillType(\PhpOffice\PhpSpreadsheet\Style\Fill::FILL_SOLID)
|
||||||
|
->setStartColor($GLOBALS['orange']);
|
||||||
|
$sheet->getStyle("G9:H9")
|
||||||
|
->getFill()
|
||||||
|
->setFillType(\PhpOffice\PhpSpreadsheet\Style\Fill::FILL_SOLID)
|
||||||
|
->setStartColor($GLOBALS['green']);
|
||||||
|
$sheet->getStyle("G10:H10")
|
||||||
|
->getFill()
|
||||||
|
->setFillType(\PhpOffice\PhpSpreadsheet\Style\Fill::FILL_SOLID)
|
||||||
|
->setStartColor($GLOBALS['yellow']);
|
||||||
|
$sheet->getStyle("I10:J10")
|
||||||
|
->getFill()
|
||||||
|
->setFillType(\PhpOffice\PhpSpreadsheet\Style\Fill::FILL_SOLID)
|
||||||
|
->setStartColor($GLOBALS['light_gray']);
|
||||||
|
|
||||||
|
$sheet->setCellValue("G8", "=COUNTIF(G11:H{$row}, \"Open\")")
|
||||||
|
->setCellValue("G9", "=COUNTIF(G11:G{$row}, \"Not a Finding\")")
|
||||||
|
->setCellValue("H8", "=COUNTIF(H11:H{$row}, FALSE)")
|
||||||
|
->setCellValue("H9", "=COUNTIF(H11:H{$row}, TRUE)")
|
||||||
|
->setCellValue("E3", "")
|
||||||
|
->setCellValue("E4", "")
|
||||||
|
->setCellValue("G4", "")
|
||||||
|
->setCellValue('C2', $open_cat_1)
|
||||||
|
->setCellValue('C3', $open_cat_2)
|
||||||
|
->setCellValue('C4', $open_cat_3)
|
||||||
|
->setCellValue('C5', $not_a_finding)
|
||||||
|
->setCellValue('C6', $not_applicable)
|
||||||
|
->setCellValue('C7', $not_reviewed);
|
||||||
|
|
||||||
|
} else {
|
||||||
|
print "Error";
|
||||||
|
}
|
||||||
|
|
||||||
|
/**/
|
||||||
|
$writer = new Xlsx($ss);
|
||||||
|
$writer->setPreCalculateFormulas(false);
|
||||||
|
header("Content-type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet");
|
||||||
|
header("Content-disposition: attachment; filename='{$chk->get_Name()}-eChecklist.xlsx'");
|
||||||
|
$writer->save("php://output");
|
248
data/index.php
248
data/index.php
@ -405,253 +405,7 @@ include_once 'header.inc';
|
|||||||
include_once 'settings.inc';
|
include_once 'settings.inc';
|
||||||
}
|
}
|
||||||
elseif ($page == 'CatMgmt') {
|
elseif ($page == 'CatMgmt') {
|
||||||
?>
|
include_once 'catmgmt.inc';
|
||||||
<script src='/script/datatables/DataTables-1.10.9/js/jquery.dataTables.min.js'></script>
|
|
||||||
<link rel="stylesheet" href="/script/datatables/DataTables-1.10.9/css/jquery.dataTables.min.css" />
|
|
||||||
<link rel='stylesheet' href='/script/jquery-ui-1.11.4/jquery-ui.min.css' />
|
|
||||||
|
|
||||||
<style type='text/css'>
|
|
||||||
#availableSoftware {
|
|
||||||
height: 227px;
|
|
||||||
width: 240px;
|
|
||||||
overflow-x: scroll;
|
|
||||||
font-size: 14px;
|
|
||||||
line-height: 1.25em;
|
|
||||||
}
|
|
||||||
|
|
||||||
.swmouseover {
|
|
||||||
background-color: #1D57A0;
|
|
||||||
color: #fff;
|
|
||||||
cursor: pointer;
|
|
||||||
}
|
|
||||||
</style>
|
|
||||||
<script type='text/javascript'>
|
|
||||||
$(function () {
|
|
||||||
$('#catalog').DataTable({
|
|
||||||
'stripeClasses': ['odd_row', 'even_row']
|
|
||||||
});
|
|
||||||
$('.close, .backdrop').click(function () {
|
|
||||||
close_box();
|
|
||||||
});
|
|
||||||
$('#release-date').datepicker();
|
|
||||||
});
|
|
||||||
|
|
||||||
function close_box() {
|
|
||||||
$('.backdrop, .box').animate({
|
|
||||||
'opacity': '0'
|
|
||||||
}, 300, 'linear', function () {
|
|
||||||
$('.backdrop, .box').css('display', 'none');
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
function view_box() {
|
|
||||||
$('.backdrop').animate({
|
|
||||||
'opacity': '.5'
|
|
||||||
}, 300, 'linear');
|
|
||||||
$('.backdrop').css('display', 'block');
|
|
||||||
}
|
|
||||||
|
|
||||||
function get_cat_data(fname) {
|
|
||||||
$('#popup').animate({
|
|
||||||
'opacity': '1.00'
|
|
||||||
}, 300, 'linear');
|
|
||||||
$('#popup').css('display', 'block');
|
|
||||||
view_box();
|
|
||||||
|
|
||||||
$.ajax('/ajax.php', {
|
|
||||||
data: {
|
|
||||||
action: 'get-cat-data',
|
|
||||||
'fname': fname
|
|
||||||
},
|
|
||||||
beforeSend: function () {
|
|
||||||
$('#id').val('');
|
|
||||||
$('#checklist-id').text('');
|
|
||||||
$('#name').val('');
|
|
||||||
$('#description').val('');
|
|
||||||
$('#version').text('');
|
|
||||||
$('#release').text('');
|
|
||||||
$('#icon').val('');
|
|
||||||
$('#type').text('');
|
|
||||||
$('#software option').remove();
|
|
||||||
$('#cpe').val('');
|
|
||||||
},
|
|
||||||
success: function (data) {
|
|
||||||
$('#id').val(data.id);
|
|
||||||
$('#checklist-id').text(data.checklist_id);
|
|
||||||
$('#name').val(data.name);
|
|
||||||
$('#description').val(data.description);
|
|
||||||
$('#version').text(data.ver);
|
|
||||||
$('#release').text(data.release);
|
|
||||||
$('#icon').val(data.icon);
|
|
||||||
$('#type').text(data.type);
|
|
||||||
|
|
||||||
var dt = new Date(data.date.date);
|
|
||||||
$('#release-date').val(dt.getMonth() + "/" + dt.getDate() + '/' + dt.getFullYear());
|
|
||||||
|
|
||||||
for (var x in data.sw) {
|
|
||||||
$('#software').append("<option id='" + data.sw[x].id + "'>" +
|
|
||||||
data.sw[x].man + " " + data.sw[x].name + " " + data.sw[x].ver +
|
|
||||||
"</option>");
|
|
||||||
}
|
|
||||||
|
|
||||||
$('#software option').dblclick(remove_Software);
|
|
||||||
},
|
|
||||||
error: function (xhr, status, error) {
|
|
||||||
console.error(error);
|
|
||||||
},
|
|
||||||
timeout: 3000,
|
|
||||||
method: 'post',
|
|
||||||
dataType: 'json'
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
function remove_Software() {
|
|
||||||
$.ajax("/ajax.php", {
|
|
||||||
data: {
|
|
||||||
action: 'checklist-remove-software',
|
|
||||||
chk_id: $('#id').val(),
|
|
||||||
sw_id: $(this).attr('id')
|
|
||||||
},
|
|
||||||
success: function (data) {
|
|
||||||
if (data.error) {
|
|
||||||
alert(data.error);
|
|
||||||
}
|
|
||||||
else if (data.success) {
|
|
||||||
alert(data.success);
|
|
||||||
}
|
|
||||||
},
|
|
||||||
error: function (xhr, status, error) {
|
|
||||||
console.error(error);
|
|
||||||
},
|
|
||||||
dataType: 'json',
|
|
||||||
timeout: 3000,
|
|
||||||
method: 'post'
|
|
||||||
});
|
|
||||||
|
|
||||||
$(this).remove();
|
|
||||||
}
|
|
||||||
|
|
||||||
function autocomplete_software() {
|
|
||||||
if ($('#cpe').val().length < 3) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
$.ajax('/ajax.php', {
|
|
||||||
data: {
|
|
||||||
action: ($('#os').is(":checked") ? 'os_filter' : 'sw_filter'),
|
|
||||||
filter: $('#cpe').val()
|
|
||||||
},
|
|
||||||
success: function (data) {
|
|
||||||
$('#availableSoftware div').remove();
|
|
||||||
for (var x in data) {
|
|
||||||
$('#availableSoftware').append("<div sw_id='" + data[x].sw_id + "' cpe='" + data[x].cpe + "'>" + data[x].sw_string + "</div>");
|
|
||||||
}
|
|
||||||
$('#availableSoftware').show();
|
|
||||||
|
|
||||||
$('#availableSoftware div').each(function () {
|
|
||||||
$(this).on("mouseover", function () {
|
|
||||||
$(this).addClass("swmouseover");
|
|
||||||
});
|
|
||||||
$(this).on("mouseout", function () {
|
|
||||||
$(this).removeClass("swmouseover");
|
|
||||||
});
|
|
||||||
$(this).on("click", function () {
|
|
||||||
add_software($(this).attr('sw_id'));
|
|
||||||
$('#software').append("<option value='" + $(this).attr('sw_id') + "' ondblclick='remove_Software();$(this).remove();'>" + $(this).html() + "</option>");
|
|
||||||
$(this).remove();
|
|
||||||
});
|
|
||||||
});
|
|
||||||
},
|
|
||||||
error: function (xhr, status, error) {
|
|
||||||
console.error(error);
|
|
||||||
},
|
|
||||||
dataType: 'json',
|
|
||||||
method: 'post',
|
|
||||||
timeout: 5000
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
function add_software(sw_id) {
|
|
||||||
$.ajax('/ajax.php', {
|
|
||||||
data: {
|
|
||||||
action: 'checklist-add-software',
|
|
||||||
'sw_id': sw_id,
|
|
||||||
chk_id: $('#id').val()
|
|
||||||
},
|
|
||||||
success: function (data) {
|
|
||||||
alert(data.status);
|
|
||||||
},
|
|
||||||
error: function (xhr, status, error) {
|
|
||||||
console.error(error);
|
|
||||||
},
|
|
||||||
dataType: 'json',
|
|
||||||
method: 'post',
|
|
||||||
timeout: 3000
|
|
||||||
});
|
|
||||||
}
|
|
||||||
</script>
|
|
||||||
<style type="text/css">
|
|
||||||
thead {
|
|
||||||
background-image: linear-gradient(to bottom, #ECECEC, rgba(177,177,177,0.72));
|
|
||||||
color: #4c4c4c;
|
|
||||||
}
|
|
||||||
</style>
|
|
||||||
|
|
||||||
<div>
|
|
||||||
<table id='catalog' class='display'>
|
|
||||||
<thead>
|
|
||||||
<tr>
|
|
||||||
<th>File Name</th>
|
|
||||||
<th>Status</th>
|
|
||||||
<th>Start Time</th>
|
|
||||||
<th>% Complete</th>
|
|
||||||
<th>STIG Count</th>
|
|
||||||
</tr>
|
|
||||||
</thead>
|
|
||||||
|
|
||||||
<tbody>
|
|
||||||
<?php
|
|
||||||
$cat_scripts = $db->get_Catalog_Script();
|
|
||||||
$odd = true;
|
|
||||||
foreach ($cat_scripts as $key => $cat_script) {
|
|
||||||
print "<tr>" .
|
|
||||||
"<td onclick='javascript:get_cat_data(\"{$cat_script->file_name}\");'><a href='javascript:void(0);'>{$cat_script->file_name}</a></td>" .
|
|
||||||
"<td>{$cat_script->status}</td>" .
|
|
||||||
"<td>{$cat_script->start_time->format("Y-m-d H:i:s")}</td>" .
|
|
||||||
"<td>{$cat_script->perc_comp}</td>" .
|
|
||||||
"<td>{$cat_script->stig_count}</td>" .
|
|
||||||
"</td>";
|
|
||||||
}
|
|
||||||
?>
|
|
||||||
</tbody>
|
|
||||||
</table>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div id='popup' class='box'>
|
|
||||||
<div style='display:inline-block;width:49%;vertical-align:top;'>
|
|
||||||
<input type='hidden' id='id' />
|
|
||||||
Checklist ID: <span id='checklist-id'></span><br />
|
|
||||||
Name: <input type='text' id='name' /><br />
|
|
||||||
Description: <input type='text' id='description' /><br />
|
|
||||||
Version: <span id='version'></span><br />
|
|
||||||
Release: <span id='release'></span><br />
|
|
||||||
Release Date: <input type='text' id='release-date' /><br />
|
|
||||||
Icon: <input type='text' id='icon' /><br />
|
|
||||||
Type: <span id='type'></span>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div style='display:inline-block;width:49%;'>
|
|
||||||
<select id='software' multiple size='10'></select><br />
|
|
||||||
|
|
||||||
Add CPE: <input type='text' id='cpe' onkeyup='javascript:autocomplete_software();' />
|
|
||||||
<label for='os'>OS?</label>
|
|
||||||
<input type='checkbox' id='os' /><br />
|
|
||||||
<div id="availableSoftware"></div>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div class="backdrop"></div>
|
|
||||||
<?php
|
|
||||||
}
|
}
|
||||||
elseif ($page == 'Search') {
|
elseif ($page == 'Search') {
|
||||||
$q = filter_input(INPUT_POST, 'q', FILTER_SANITIZE_STRING, FILTER_NULL_ON_FAILURE);
|
$q = filter_input(INPUT_POST, 'q', FILTER_SANITIZE_STRING, FILTER_NULL_ON_FAILURE);
|
||||||
|
@ -22,6 +22,7 @@
|
|||||||
* - Apr 5, 2017 - Formatting
|
* - Apr 5, 2017 - Formatting
|
||||||
* - Dec 19, 2017 - Converted from XML to JSON format export/import
|
* - Dec 19, 2017 - Converted from XML to JSON format export/import
|
||||||
* - Jan 16, 2018 - Updated to use host_list class
|
* - Jan 16, 2018 - Updated to use host_list class
|
||||||
|
* - Nov 19, 2018 - Fixed bug from changes to get_Category_Findings method
|
||||||
*
|
*
|
||||||
* @TODO - Change to export and import CPE
|
* @TODO - Change to export and import CPE
|
||||||
*/
|
*/
|
||||||
@ -31,562 +32,306 @@ include_once 'database.inc';
|
|||||||
|
|
||||||
$db = new db();
|
$db = new db();
|
||||||
|
|
||||||
$cmd = getopt("f::", array("import::"));
|
$cmd = getopt("f::", [
|
||||||
|
"import::",
|
||||||
|
"export::"
|
||||||
|
]);
|
||||||
|
|
||||||
if (isset($_REQUEST['export'])) {
|
if (isset($_REQUEST['export'])) {
|
||||||
if (!isset($_REQUEST['ste'])) {
|
if (! isset($_REQUEST['ste'])) {
|
||||||
print "You must select an ST&E <a href='javascript:void(0);' onclick='javascript:history.go(-1);'>Back</a>";
|
print "You must select an ST&E <a href='javascript:void(0);' onclick='javascript:history.go(-1);'>Back</a>";
|
||||||
exit;
|
exit();
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($_REQUEST['export'] == 'Export STE') {
|
if ($_REQUEST['export'] == 'Export STE') {
|
||||||
export_STE();
|
export_STE();
|
||||||
}
|
} elseif ($_REQUEST['export'] == 'Export Host List') {
|
||||||
elseif ($_REQUEST['export'] == 'Export Host List') {
|
export_Host_List();
|
||||||
export_Host_List();
|
}
|
||||||
}
|
} elseif (isset($cmd['import'])) {
|
||||||
}
|
import_STE();
|
||||||
elseif (isset($cmd['import'])) {
|
} else {
|
||||||
import_STE();
|
print "Usage: php ste_export_import.php -f=\"{path_to_ste_import_file}\" --import" . PHP_EOL;
|
||||||
}
|
|
||||||
else {
|
|
||||||
print "Usage: php ste_export_import.php -f=\"{path_to_ste_import_file}\" --import" . PHP_EOL;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Function to export an ST&E
|
* Function to export an ST&E
|
||||||
*/
|
*/
|
||||||
function export_STE() {
|
function export_STE()
|
||||||
set_time_limit(0);
|
{
|
||||||
global $db;
|
set_time_limit(0);
|
||||||
|
global $db;
|
||||||
|
|
||||||
$log = new Sagacity_Error("STE_Export.log");
|
$log = new Sagacity_Error("STE_Export.log");
|
||||||
|
|
||||||
$ste = $db->get_STE($_REQUEST['ste'])[0];
|
$ste = $db->get_STE($_REQUEST['ste'])[0];
|
||||||
$json = [
|
$json = [
|
||||||
'ste' => [
|
'ste' => [
|
||||||
'id' => $ste->get_ID(),
|
'id' => $ste->get_ID(),
|
||||||
'system_id' => $ste->get_System()->get_ID(),
|
'system_id' => $ste->get_System()->get_ID(),
|
||||||
'site_id' => $ste->get_Site()->get_ID(),
|
'site_id' => $ste->get_Site()->get_ID(),
|
||||||
'eval_start' => $ste->get_Eval_Start_Date()->format("Y-m-d"),
|
'eval_start' => $ste->get_Eval_Start_Date()->format("Y-m-d"),
|
||||||
'eval_end' => $ste->get_Eval_End_Date()->format("Y-m-d")
|
'eval_end' => $ste->get_Eval_End_Date()->format("Y-m-d")
|
||||||
],
|
],
|
||||||
'systems' => [],
|
'systems' => [],
|
||||||
'site' => [],
|
'site' => [],
|
||||||
'ste_cats' => [],
|
'ste_cats' => [],
|
||||||
'targets' => [],
|
'targets' => [],
|
||||||
'scans' => [],
|
'scans' => [],
|
||||||
'tech_findings' => [],
|
'tech_findings' => [],
|
||||||
'proc_findings' => []
|
'proc_findings' => []
|
||||||
];
|
|
||||||
|
|
||||||
$system_arr = $db->get_System($ste->get_System()->get_ID());
|
|
||||||
foreach ($system_arr as $key => $sys) {
|
|
||||||
$json['systems'][] = [
|
|
||||||
'id' => $sys->get_ID(),
|
|
||||||
'name' => $sys->get_Name(),
|
|
||||||
'mac' => $sys->get_MAC(),
|
|
||||||
'classification' => $sys->get_Classification(),
|
|
||||||
'abbr' => $sys->get_Abbreviation(),
|
|
||||||
'exec-summary' => $sys->get_Executive_Summary(),
|
|
||||||
'accrediation-type' => $sys->get_Accreditation_Type(),
|
|
||||||
'desc' => $sys->get_Description(),
|
|
||||||
'mitigations' => $sys->get_Mitigations()
|
|
||||||
];
|
|
||||||
}
|
|
||||||
|
|
||||||
$json['site'] = [
|
|
||||||
'id' => $ste->get_Site()->get_ID(),
|
|
||||||
'name' => $ste->get_Site()->get_Name(),
|
|
||||||
'address' => $ste->get_Site()->get_Address(),
|
|
||||||
'city' => $ste->get_Site()->get_City(),
|
|
||||||
'state' => $ste->get_Site()->get_State(),
|
|
||||||
'zip' => $ste->get_Site()->get_Zip(),
|
|
||||||
'country' => $ste->get_Site()->get_Country(),
|
|
||||||
'poc' => $ste->get_Site()->get_POC_Name(),
|
|
||||||
'email' => $ste->get_Site()->get_POC_Email(),
|
|
||||||
'phone' => $ste->get_Site()->get_POC_Phone()
|
|
||||||
];
|
|
||||||
|
|
||||||
$cat_arr = $db->get_STE_Cat_List($ste->get_ID());
|
|
||||||
foreach ($cat_arr as $key => $cat) {
|
|
||||||
$json['ste_cats'][] = [
|
|
||||||
'id' => $cat->get_ID(),
|
|
||||||
'ste_id' => $cat->get_STE_ID(),
|
|
||||||
'name' => $cat->get_Name(),
|
|
||||||
'analyst' => $cat->get_Analyst()
|
|
||||||
];
|
|
||||||
}
|
|
||||||
|
|
||||||
$all_findings = [];
|
|
||||||
$targets_arr = $db->get_Target_Details($ste->get_ID());
|
|
||||||
$used_cats = [];
|
|
||||||
if (empty($targets_arr)) {
|
|
||||||
$log->script_log("There are no targets in the ST&E", E_ERROR);
|
|
||||||
}
|
|
||||||
foreach ($targets_arr as $key => $tgt) {
|
|
||||||
if (!in_array($tgt->get_Cat_ID(), $used_cats)) {
|
|
||||||
$all_findings = array_merge($all_findings, $db->get_Category_Findings($tgt->get_Cat_ID()));
|
|
||||||
$used_cats[] = $tgt->get_Cat_ID();
|
|
||||||
}
|
|
||||||
$os = $db->get_Software($tgt->get_OS_ID())[0];
|
|
||||||
|
|
||||||
$tgt_node = [
|
|
||||||
'id' => $tgt->get_ID(),
|
|
||||||
'ste_id' => $tgt->get_STE_ID(),
|
|
||||||
'cat_id' => $tgt->get_Cat_ID(),
|
|
||||||
'os_id' => $tgt->get_OS_ID(),
|
|
||||||
'os_string' => $tgt->get_OS_String(),
|
|
||||||
'os_man' => $os->get_Man(),
|
|
||||||
'os_name' => $os->get_Name(),
|
|
||||||
'os_ver' => $os->get_Version(),
|
|
||||||
'name' => $tgt->get_Name(),
|
|
||||||
'location' => $tgt->get_Location(),
|
|
||||||
'source' => $tgt->get_Source(),
|
|
||||||
'pp_flag' => '0',
|
|
||||||
'pp_off' => '1',
|
|
||||||
'login' => $tgt->get_Login(),
|
|
||||||
'class' => $tgt->classification,
|
|
||||||
'status' => [
|
|
||||||
'auto' => $tgt->get_Auto_Status_ID(),
|
|
||||||
'manual' => $tgt->get_Man_Status_ID(),
|
|
||||||
'data' => $tgt->get_Data_Status_ID(),
|
|
||||||
'fp_cat1' => $tgt->get_FP_Cat1_Status_ID()
|
|
||||||
],
|
|
||||||
'notes' => $tgt->get_Notes(),
|
|
||||||
'netstat' => $tgt->get_Netstat_Connections(),
|
|
||||||
'missing_patches' => $tgt->get_Missing_Patches(),
|
|
||||||
'interfaces' => [],
|
|
||||||
'software_list' => [],
|
|
||||||
'checklist_list' => []
|
|
||||||
];
|
];
|
||||||
|
|
||||||
foreach ($tgt->interfaces as $int) {
|
$system_arr = $db->get_System($ste->get_System()
|
||||||
$int_node = [
|
->get_ID());
|
||||||
'id' => $int->get_ID(),
|
foreach ($system_arr as $sys) {
|
||||||
'name' => $int->get_Name(),
|
$json['systems'][] = [
|
||||||
'ipv4' => $int->get_IPv4(),
|
'id' => $sys->get_ID(),
|
||||||
'ipv6' => $int->get_IPv6(),
|
'name' => $sys->get_Name(),
|
||||||
'hostname' => $int->get_Hostname(),
|
'mac' => $sys->get_MAC(),
|
||||||
'fqdn' => $int->get_FQDN(),
|
'classification' => $sys->get_Classification(),
|
||||||
'desc' => $int->get_Description(),
|
'abbr' => $sys->get_Abbreviation(),
|
||||||
'tcp_ports' => [],
|
'exec-summary' => $sys->get_Executive_Summary(),
|
||||||
'udp_ports' => []
|
'accrediation-type' => $sys->get_Accreditation_Type(),
|
||||||
];
|
'desc' => $sys->get_Description(),
|
||||||
|
'mitigations' => $sys->get_Mitigations()
|
||||||
foreach ($int->get_TCP_Ports() as $tcp) {
|
|
||||||
$int_node['tcp_ports'][] = [
|
|
||||||
'number' => $tcp->get_Port(),
|
|
||||||
'name' => $tcp->get_IANA_Name(),
|
|
||||||
'banner' => $tcp->get_Banner(),
|
|
||||||
'notes' => $tcp->get_Notes()
|
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
||||||
foreach ($int->get_UDP_Ports() as $udp) {
|
$json['site'] = [
|
||||||
$int_node['udp_ports'][] = [
|
'id' => $ste->get_Site()->get_ID(),
|
||||||
'number' => $udp->get_Port(),
|
'name' => $ste->get_Site()->get_Name(),
|
||||||
'name' => $udp->get_IANA_Name(),
|
'address' => $ste->get_Site()->get_Address(),
|
||||||
'banner' => $udp->get_Banner(),
|
'city' => $ste->get_Site()->get_City(),
|
||||||
'notes' => $udp->get_Notes()
|
'state' => $ste->get_Site()->get_State(),
|
||||||
|
'zip' => $ste->get_Site()->get_Zip(),
|
||||||
|
'country' => $ste->get_Site()->get_Country(),
|
||||||
|
'poc' => $ste->get_Site()->get_POC_Name(),
|
||||||
|
'email' => $ste->get_Site()->get_POC_Email(),
|
||||||
|
'phone' => $ste->get_Site()->get_POC_Phone()
|
||||||
|
];
|
||||||
|
|
||||||
|
$cat_arr = $db->get_STE_Cat_List($ste->get_ID());
|
||||||
|
foreach ($cat_arr as $cat) {
|
||||||
|
$json['ste_cats'][] = [
|
||||||
|
'id' => $cat->get_ID(),
|
||||||
|
'ste_id' => $cat->get_STE_ID(),
|
||||||
|
'name' => $cat->get_Name(),
|
||||||
|
'analyst' => $cat->get_Analyst()
|
||||||
];
|
];
|
||||||
}
|
|
||||||
|
|
||||||
$tgt_node['interfaces'][] = $int_node;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
foreach ($tgt->software as $sw) {
|
$all_findings = [];
|
||||||
$tgt_node['software_list'][] = [
|
$targets_arr = $db->get_Target_Details($ste->get_ID());
|
||||||
'id' => $sw->get_ID(),
|
$used_cats = [];
|
||||||
'man' => $sw->get_Man(),
|
if (empty($targets_arr)) {
|
||||||
'name' => $sw->get_Name(),
|
$log->script_log("There are no targets in the ST&E", E_ERROR);
|
||||||
'ver' => $sw->get_Version(),
|
|
||||||
'string' => $sw->get_SW_String(),
|
|
||||||
'short_string' => $sw->get_Shortened_SW_String()
|
|
||||||
];
|
|
||||||
}
|
}
|
||||||
|
foreach ($targets_arr as $tgt) {
|
||||||
|
if (! in_array($tgt->get_Cat_ID(), $used_cats)) {
|
||||||
|
$all_findings = array_merge($all_findings, $db->get_Category_Findings($tgt->get_Cat_ID()));
|
||||||
|
$used_cats[] = $tgt->get_Cat_ID();
|
||||||
|
}
|
||||||
|
$os = $db->get_Software($tgt->get_OS_ID())[0];
|
||||||
|
|
||||||
foreach ($tgt->checklists as $chk) {
|
$tgt_node = [
|
||||||
$tgt_node['checklist_list'][] = [
|
'id' => $tgt->get_ID(),
|
||||||
'id' => $chk->get_ID(),
|
'ste_id' => $tgt->get_STE_ID(),
|
||||||
'checklist_id' => $chk->get_Checklist_ID(),
|
'cat_id' => $tgt->get_Cat_ID(),
|
||||||
'type' => $chk->get_type(),
|
'os_id' => $tgt->get_OS_ID(),
|
||||||
'class' => $chk->get_Classification(),
|
'os_string' => $tgt->get_OS_String(),
|
||||||
'version' => $chk->get_Version(),
|
'os_man' => $os->get_Man(),
|
||||||
'release' => $chk->get_Release()
|
'os_name' => $os->get_Name(),
|
||||||
];
|
'os_ver' => $os->get_Version(),
|
||||||
}
|
'name' => $tgt->get_Name(),
|
||||||
|
'location' => $tgt->get_Location(),
|
||||||
$json['targets'][] = $tgt_node;
|
'source' => $tgt->get_Source(),
|
||||||
}
|
'pp_flag' => '0',
|
||||||
|
'pp_off' => '1',
|
||||||
if (!is_null($scan_arr = $db->get_ScanData($ste->get_ID()))) {
|
'login' => $tgt->get_Login(),
|
||||||
foreach ($scan_arr as $scan) {
|
'class' => $tgt->classification,
|
||||||
$scan_node = [
|
'status' => [
|
||||||
'id' => $scan->get_ID(),
|
'auto' => $tgt->get_Auto_Status_ID(),
|
||||||
'ste_id' => $scan->get_STE()->get_ID(),
|
'manual' => $tgt->get_Man_Status_ID(),
|
||||||
'src_id' => $scan->get_Source()->get_ID(),
|
'data' => $tgt->get_Data_Status_ID(),
|
||||||
'itr' => $scan->get_Itr(),
|
'fp_cat1' => $tgt->get_FP_Cat1_Status_ID()
|
||||||
'file_name' => $scan->get_File_Name(),
|
],
|
||||||
'file_date' => $scan->get_File_Date(),
|
'notes' => $tgt->get_Notes(),
|
||||||
'host_list' => []
|
'netstat' => $tgt->get_Netstat_Connections(),
|
||||||
];
|
'missing_patches' => $tgt->get_Missing_Patches(),
|
||||||
|
'interfaces' => [],
|
||||||
foreach ($scan->get_Host_List() as $host) {
|
'software_list' => [],
|
||||||
$scan_node['host_list'][] = [
|
'checklist_list' => []
|
||||||
'tgt_id' => $host['target']->get_ID(),
|
|
||||||
'tgt_name' => $host['target']->get_Name(),
|
|
||||||
'count' => $host['count']
|
|
||||||
];
|
];
|
||||||
}
|
|
||||||
|
|
||||||
$json['scans'][] = $scan_node;
|
foreach ($tgt->interfaces as $int) {
|
||||||
}
|
$int_node = [
|
||||||
}
|
'id' => $int->get_ID(),
|
||||||
|
'name' => $int->get_Name(),
|
||||||
|
'ipv4' => $int->get_IPv4(),
|
||||||
|
'ipv6' => $int->get_IPv6(),
|
||||||
|
'hostname' => $int->get_Hostname(),
|
||||||
|
'fqdn' => $int->get_FQDN(),
|
||||||
|
'desc' => $int->get_Description(),
|
||||||
|
'tcp_ports' => [],
|
||||||
|
'udp_ports' => []
|
||||||
|
];
|
||||||
|
|
||||||
foreach ($all_findings as $worksheet_name => $data) {
|
foreach ($int->get_TCP_Ports() as $tcp) {
|
||||||
foreach ($data['stigs'] as $stig_id => $data2) {
|
$int_node['tcp_ports'][] = [
|
||||||
$stig = $db->get_Stig($stig_id);
|
'number' => $tcp->get_Port(),
|
||||||
if (is_array($stig) && count($stig) && isset($stig[0]) && is_a($stig[0], 'stig')) {
|
'name' => $tcp->get_IANA_Name(),
|
||||||
$stig = $stig[0];
|
'banner' => $tcp->get_Banner(),
|
||||||
}
|
'notes' => $tcp->get_Notes()
|
||||||
else {
|
];
|
||||||
continue;
|
}
|
||||||
}
|
|
||||||
|
|
||||||
$ec = $db->get_eChecklist($stig, $data2['chk_id']);
|
foreach ($int->get_UDP_Ports() as $udp) {
|
||||||
|
$int_node['udp_ports'][] = [
|
||||||
|
'number' => $udp->get_Port(),
|
||||||
|
'name' => $udp->get_IANA_Name(),
|
||||||
|
'banner' => $udp->get_Banner(),
|
||||||
|
'notes' => $udp->get_Notes()
|
||||||
|
];
|
||||||
|
}
|
||||||
|
|
||||||
$find_node = [
|
$tgt_node['interfaces'][] = $int_node;
|
||||||
'stig_id' => $stig->get_ID(),
|
|
||||||
'vms_id' => $ec->get_VMS_ID(),
|
|
||||||
'cat' => $ec->get_Cat_Level_String(),
|
|
||||||
'short_title' => $ec->get_Short_Title(),
|
|
||||||
'check_contents' => $ec->get_Check_Contents(),
|
|
||||||
'notes' => $data2['notes'],
|
|
||||||
'target_status' => [],
|
|
||||||
'ia_controls' => []
|
|
||||||
];
|
|
||||||
|
|
||||||
foreach ($data['target_list'] as $host_name => $col_id) {
|
|
||||||
$tgt = $db->get_Target_Details($ste->get_ID(), $host_name)[0];
|
|
||||||
$finding = $db->get_Finding($tgt, $stig)[0];
|
|
||||||
|
|
||||||
if (is_null($finding)) {
|
|
||||||
continue;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$find_node['target_status'][] = [
|
foreach ($tgt->software as $sw) {
|
||||||
'tgt_name' => $host_name,
|
$tgt_node['software_list'][] = [
|
||||||
'status' => (isset($data2[$host_name]) ? $data2[$host_name] : 'Not Applicable'),
|
'id' => $sw->get_ID(),
|
||||||
'scan_id' => $finding->get_Scan_ID()
|
'man' => $sw->get_Man(),
|
||||||
];
|
'name' => $sw->get_Name(),
|
||||||
}
|
'ver' => $sw->get_Version(),
|
||||||
|
'string' => $sw->get_SW_String(),
|
||||||
|
'short_string' => $sw->get_Shortened_SW_String()
|
||||||
|
];
|
||||||
|
}
|
||||||
|
|
||||||
foreach ($data2['ia_control'] as $ia) {
|
foreach ($tgt->checklists as $chk) {
|
||||||
$find_node['ia_controls'] = $ia;
|
$tgt_node['checklist_list'][] = [
|
||||||
}
|
'id' => $chk->get_ID(),
|
||||||
|
'checklist_id' => $chk->get_Checklist_ID(),
|
||||||
|
'type' => $chk->get_type(),
|
||||||
|
'class' => $chk->get_Classification(),
|
||||||
|
'version' => $chk->get_Version(),
|
||||||
|
'release' => $chk->get_Release()
|
||||||
|
];
|
||||||
|
}
|
||||||
|
|
||||||
$json['tech_findings'][] = $find_node;
|
$json['targets'][] = $tgt_node;
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
header(JSON);
|
if (! is_null($scan_arr = $db->get_ScanData($ste->get_ID()))) {
|
||||||
header('Content-disposition: attachment; filename="' . $sys->get_Name() . '-' . $ste->get_Site()->get_Name() . '-ste-export.json"');
|
foreach ($scan_arr as $scan) {
|
||||||
print json_encode($json, JSON_PRETTY_PRINT);
|
$scan_node = [
|
||||||
|
'id' => $scan->get_ID(),
|
||||||
|
'ste_id' => $scan->get_STE()->get_ID(),
|
||||||
|
'src_id' => $scan->get_Source()->get_ID(),
|
||||||
|
'itr' => $scan->get_Itr(),
|
||||||
|
'file_name' => $scan->get_File_Name(),
|
||||||
|
'file_date' => $scan->get_File_Date(),
|
||||||
|
'host_list' => []
|
||||||
|
];
|
||||||
|
|
||||||
|
foreach ($scan->get_Host_List() as $host) {
|
||||||
|
/** @var host_list $host */
|
||||||
|
$scan_node['host_list'][] = [
|
||||||
|
'tgt_id' => $host->getTargetId(),
|
||||||
|
'tgt_name' => $host->getTargetName(),
|
||||||
|
'count' => $host->getFindingCount()
|
||||||
|
];
|
||||||
|
}
|
||||||
|
|
||||||
|
$json['scans'][] = $scan_node;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
foreach ($all_findings as $data) {
|
||||||
|
foreach ($data['stigs'] as $stig_id => $data2) {
|
||||||
|
$stig = $db->get_Stig($stig_id);
|
||||||
|
if (is_array($stig) && count($stig) && isset($stig[0]) && is_a($stig[0], 'stig')) {
|
||||||
|
$stig = $stig[0];
|
||||||
|
} else {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
$ec = $db->get_eChecklist($stig, $data2['chk_id']);
|
||||||
|
|
||||||
|
$find_node = [
|
||||||
|
'stig_id' => $stig->get_ID(),
|
||||||
|
'vms_id' => $ec->get_VMS_ID(),
|
||||||
|
'cat' => $ec->get_Cat_Level(),
|
||||||
|
'short_title' => $ec->get_Short_Title(),
|
||||||
|
'check_contents' => $ec->get_Check_Contents(),
|
||||||
|
'notes' => trim($data2['echecklist']->get_Notes()),
|
||||||
|
'target_status' => [],
|
||||||
|
'ia_controls' => $data2['echecklist']->get_IA_Controls()
|
||||||
|
];
|
||||||
|
|
||||||
|
unset($data['stigs'][$stig_id]['echecklist']);
|
||||||
|
unset($data['stigs'][$stig_id]['chk_id']);
|
||||||
|
|
||||||
|
foreach ($data['stigs'][$stig_id] as $host_name => $status) {
|
||||||
|
$find_node['target_status'][] = [
|
||||||
|
'tgt_name' => $host_name,
|
||||||
|
'status' => $status,
|
||||||
|
//'scan_id' => $finding->get_Scan_ID()
|
||||||
|
];
|
||||||
|
}
|
||||||
|
|
||||||
|
$json['tech_findings'][] = $find_node;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
header(JSON);
|
||||||
|
header('Content-disposition: attachment; filename="' . $sys->get_Name() . '-' . $ste->get_Site()->get_Name() . '-ste-export.json"');
|
||||||
|
print json_encode($json, JSON_PRETTY_PRINT);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Function to export the hosts in an ST&E
|
* Function to export the hosts in an ST&E
|
||||||
*/
|
*/
|
||||||
function export_Host_List() {
|
function export_Host_List()
|
||||||
global $db;
|
{
|
||||||
$csv = "Target ID,Name,HostName,IPv4,FQDN,OS" . PHP_EOL;
|
global $db;
|
||||||
|
$csv = "Target ID,Name,HostName,IPv4,FQDN,OS" . PHP_EOL;
|
||||||
|
|
||||||
$ste = $db->get_STE($_REQUEST['ste'])[0];
|
$ste = $db->get_STE($_REQUEST['ste'])[0];
|
||||||
|
|
||||||
$tgts = $db->get_Target_Details($_REQUEST['ste']);
|
$tgts = $db->get_Target_Details($_REQUEST['ste']);
|
||||||
|
|
||||||
foreach ($tgts as $key => $tgt) {
|
foreach ($tgts as $tgt) {
|
||||||
$csv .= $tgt->get_ID() . "," . $tgt->get_Name() . ",";
|
$csv .= $tgt->get_ID() . "," . $tgt->get_Name() . ",";
|
||||||
|
|
||||||
$int_str = '';
|
$int_str = '';
|
||||||
$fqdn_str = '';
|
$fqdn_str = '';
|
||||||
$host_str = '';
|
$host_str = '';
|
||||||
foreach ($tgt->interfaces as $key2 => $int) {
|
foreach ($tgt->interfaces as $int) {
|
||||||
if (false) {
|
/** @var interfaces $int */
|
||||||
$int = new interfaces();
|
$host_str .= $int->get_Hostname() . ",";
|
||||||
}
|
$int_str .= $int->get_IPv4() . ",";
|
||||||
$host_str .= $int->get_Hostname() . ",";
|
$fqdn_str .= $int->get_FQDN() . ",";
|
||||||
$int_str .= $int->get_IPv4() . ",";
|
}
|
||||||
$fqdn_str .= $int->get_FQDN() . ",";
|
$host_str = substr($host_str, 0, - 1);
|
||||||
|
$int_str = substr($int_str, 0, - 1);
|
||||||
|
$fqdn_str = substr($fqdn_str, 0, - 1);
|
||||||
|
|
||||||
|
$csv .= "\"$host_str\",\"$int_str\",\"$fqdn_str\",";
|
||||||
|
|
||||||
|
$os = $db->get_Software($tgt->get_OS_ID())[0];
|
||||||
|
$csv .= $os->get_Man() . " " . $os->get_Name() . " " . $os->get_Version() . PHP_EOL;
|
||||||
}
|
}
|
||||||
$host_str = substr($host_str, 0, -1);
|
|
||||||
$int_str = substr($int_str, 0, -1);
|
|
||||||
$fqdn_str = substr($fqdn_str, 0, -1);
|
|
||||||
|
|
||||||
$csv .= "\"$host_str\",\"$int_str\",\"$fqdn_str\",";
|
header('Content-type: plain/text');
|
||||||
|
header('Content-disposition: attachment; filename="' . $ste->get_System()->get_Name() . '-' . $ste->get_Site()->get_Name() . '-host-list.csv"');
|
||||||
$os = $db->get_Software($tgt->get_OS_ID())[0];
|
print $csv;
|
||||||
$csv .= $os->get_Man() . " " . $os->get_Name() . " " . $os->get_Version() . PHP_EOL;
|
|
||||||
}
|
|
||||||
|
|
||||||
header('Content-type: plain/text');
|
|
||||||
header('Content-disposition: attachment; filename="' . $ste->get_System()->get_Name() . '-' . $ste->get_Site()->get_Name() . '-host-list.csv"');
|
|
||||||
print $csv;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Function to import an ST&E
|
* Function to import an ST&E
|
||||||
*/
|
*/
|
||||||
function import_STE() {
|
function import_STE()
|
||||||
global $cmd, $db;
|
{
|
||||||
set_time_limit(0);
|
|
||||||
$base_name = basename($cmd['f']);
|
|
||||||
include_once 'helper.inc';
|
|
||||||
$log = new Sagacity_Error($cmd['f']);
|
|
||||||
|
|
||||||
if (!file_exists($cmd['f'])) {
|
|
||||||
$log->script_log("File not found", E_ERROR);
|
|
||||||
}
|
|
||||||
|
|
||||||
$xml = new DOMDocument();
|
|
||||||
$ste_cat_arr = array();
|
|
||||||
$all_scans = array();
|
|
||||||
$all_tgts = array();
|
|
||||||
|
|
||||||
if (!$xml->load($cmd['f'])) {
|
|
||||||
$log->script_log("Error loading XML", E_ERROR);
|
|
||||||
}
|
|
||||||
|
|
||||||
$site_node = getValue($xml, "/root/site", null, true);
|
|
||||||
|
|
||||||
if ($site_node->length) {
|
|
||||||
$site_node = $site_node->item(0);
|
|
||||||
$site = $db->get_Site($site_node->getAttribute("name"));
|
|
||||||
if (is_array($site) && count($site)) {
|
|
||||||
$site = $site[0];
|
|
||||||
print "Existing site " . $site->get_Name() . PHP_EOL;
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
print "Adding new site " . $site_node->getAttribute("name") . PHP_EOL;
|
|
||||||
$site = new site(null, $site_node->getAttribute("name"), $site_node->getAttribute("address"), $site_node->getAttribute("city"), $site_node->getAttribute("state"), $site_node->getAttribute("zip"), $site_node->getAttribute("country"), $site_node->getAttribute("poc_name"), $site_node->getAttribute("poc_email"), $site_node->getAttribute("poc_phone"));
|
|
||||||
|
|
||||||
$site->set_ID($db->save_Site($site));
|
|
||||||
}
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$log->script_log("No site associated with this ST&E", E_ERROR);
|
|
||||||
}
|
|
||||||
|
|
||||||
$sys_nodes = getValue($xml, "/root/systems/system", null, true);
|
|
||||||
|
|
||||||
if ($sys_nodes->length) {
|
|
||||||
foreach ($sys_nodes as $node) {
|
|
||||||
$sys = $db->get_System($node->getAttribute("name"));
|
|
||||||
if (is_array($sys) && count($sys)) {
|
|
||||||
$sys = $sys[0];
|
|
||||||
print "Existing system " . $sys->get_Name() . PHP_EOL;
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
print "Adding new system " . $node->getAttribute("name") . PHP_EOL;
|
|
||||||
$sys = new system(null, $node->getAttribute("name"), $node->getAttribute("mac"), $node->getAttribute("classified"));
|
|
||||||
|
|
||||||
$sys->set_ID($db->save_System($sys));
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$log->script_log("No system associated with this ST&E", E_ERROR);
|
|
||||||
}
|
|
||||||
|
|
||||||
$ste_node = getValue($xml, "/root/ste", null, true);
|
|
||||||
|
|
||||||
if ($ste_node->length) {
|
|
||||||
print "Adding new ST&E" . PHP_EOL;
|
|
||||||
$ste_node = $ste_node->item(0);
|
|
||||||
$old_ste_id = $ste_node->getAttribute("id");
|
|
||||||
|
|
||||||
$ste = new ste(null, $sys->get_ID(), $site->get_Id(), $ste_node->getAttribute("eval_start"), $ste_node->getAttribute("eval_end"), false, 0);
|
|
||||||
|
|
||||||
$ste->set_ID($db->save_STE($ste));
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$log->script_log("No ST&E in this export file", E_ERROR);
|
|
||||||
}
|
|
||||||
|
|
||||||
$cat_nodes = getValue($xml, "/root/ste_cats/cat", null, true);
|
|
||||||
|
|
||||||
if ($cat_nodes->length) {
|
|
||||||
foreach ($cat_nodes as $node) {
|
|
||||||
print "Adding new category " . $node->getAttribute("name") . PHP_EOL;
|
|
||||||
$id = $node->getAttribute('id');
|
|
||||||
$ste_cat_arr[$id] = new ste_cat(null, $ste->get_ID(), $node->getAttribute("name"), $node->getAttribute("analysts"));
|
|
||||||
|
|
||||||
$ste_cat_arr[$id]->set_ID($db->save_Category($ste_cat_arr[$id]));
|
|
||||||
}
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$log->script_log("There are no categories in this ST&E", E_ERROR);
|
|
||||||
}
|
|
||||||
|
|
||||||
$tgt_nodes = getValue($xml, "/root/targets/target", null, true);
|
|
||||||
|
|
||||||
if ($tgt_nodes->length) {
|
|
||||||
foreach ($tgt_nodes as $node) {
|
|
||||||
print "Adding new target " . $node->getAttribute("name") . PHP_EOL;
|
|
||||||
$cat_id = $node->getAttribute("cat_id");
|
|
||||||
|
|
||||||
$os = $db->get_Software([
|
|
||||||
'man' => $node->getAttribute("os_man"),
|
|
||||||
'name' => $node->getAttribute("os_name"),
|
|
||||||
'ver' => $node->getAttribute("os_ver")
|
|
||||||
]);
|
|
||||||
|
|
||||||
if (is_array($os) && count($os)) {
|
|
||||||
$os = $os[0];
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$os = $db->getSoftware(array(
|
|
||||||
'man' => 'Generic',
|
|
||||||
'name' => 'Generic',
|
|
||||||
'ver' => 'N/A'
|
|
||||||
), false)[0];
|
|
||||||
}
|
|
||||||
|
|
||||||
$statuses = getValue($xml, "status", $node, true)->item(0);
|
|
||||||
$notes = getValue($xml, "notes", $node);
|
|
||||||
$netstat = getValue($xml, "netstat_connection", $node);
|
|
||||||
$patches = getValue($xml, "missing_patches", $node);
|
|
||||||
$os_string = getValue($xml, "os_string", $node);
|
|
||||||
|
|
||||||
$tgt = new target($node->getAttribute("name"));
|
|
||||||
$tgt->set_STE_ID($ste->get_ID());
|
|
||||||
$tgt->set_Cat_ID($ste_cat_arr[$cat_id]->get_ID());
|
|
||||||
$tgt->set_OS_ID($os->get_ID());
|
|
||||||
$tgt->set_OS_String($node->getAttribute("os_string"));
|
|
||||||
$tgt->set_Auto_Status_ID($statuses->getAttribute("auto"));
|
|
||||||
$tgt->set_Man_Status_ID($statuses->getAttribute("manual"));
|
|
||||||
$tgt->set_Data_Status_ID($statuses->getAttribute("data"));
|
|
||||||
$tgt->set_FP_Cat1_Status_ID($statuses->getAttribute("fp_cat1"));
|
|
||||||
$tgt->set_Location($node->getAttribute("location"));
|
|
||||||
$tgt->set_Notes($notes);
|
|
||||||
$tgt->set_Netstat_Connections($netstat);
|
|
||||||
$tgt->set_Login($node->getAttribute("login"));
|
|
||||||
$tgt->set_Missing_Patches($patches);
|
|
||||||
$tgt->set_PP_Flag($node->getAttribute("pp_flag"));
|
|
||||||
$tgt->set_PP_Suspended($node->getAttribute("pp_off"));
|
|
||||||
|
|
||||||
$ints = getValue($xml, "interfaces/interface", $node, true);
|
|
||||||
foreach ($ints as $int_node) {
|
|
||||||
$int = new interfaces(null, null, $int_node->getAttribute("name"), $int_node->getAttribute("ipv4"), $int_node->getAttribute("ipv6"), $int_node->getAttribute("hostname"), $int_node->getAttribute("fqdn"), getValue($xml, "description", $int_node));
|
|
||||||
|
|
||||||
$tcp_nodes = getValues($xml, "tcp_ports/port", $int_node, true);
|
|
||||||
foreach ($tcp_nodes as $tcp) {
|
|
||||||
$int->add_TCP_Ports(new tcp_ports(null, $tcp->getAttribute("number"), $tcp->getAttribute("name"), getValue($xml, "banner", $tcp), getValue($xml, "notes", $tcp)));
|
|
||||||
}
|
|
||||||
|
|
||||||
$udp_nodes = getValues($xml, "udp_ports/port", $int_node, true);
|
|
||||||
foreach ($udp_nodes as $udp) {
|
|
||||||
$int->add_UDP_Ports(new udp_ports(null, $udp->getAttribute("number"), $udp->getAttribute("name"), getValue($xml, "banner", $udp), getValue($xml, "notes", $udp)));
|
|
||||||
}
|
|
||||||
|
|
||||||
$tgt->interfaces[] = $int;
|
|
||||||
}
|
|
||||||
|
|
||||||
$sw_nodes = getValue($xml, "software_list/software", $node, true);
|
|
||||||
foreach ($sw_nodes as $sw) {
|
|
||||||
$tgt->software[] = $db->get_Software(array(
|
|
||||||
'man' => $sw->getAttribute("sw_man"),
|
|
||||||
'name' => $sw->getAttribute("sw_name"),
|
|
||||||
'ver' => $sw->getAttribute("sw_ver")
|
|
||||||
))[0];
|
|
||||||
}
|
|
||||||
|
|
||||||
$chk_nodes = getValue($xml, "checklist_list/checklist", $node, true);
|
|
||||||
foreach ($chk_nodes as $chk) {
|
|
||||||
$tgt->checklists[] = $db->get_Checklist(array(
|
|
||||||
'checklist_id' => $chk->getAttribute('checklist_id'),
|
|
||||||
'type' => $chk->getAttribute('type'),
|
|
||||||
'version' => $chk->getAttribute('version'),
|
|
||||||
'release' => $chk->getAttribute('release')
|
|
||||||
))[0];
|
|
||||||
}
|
|
||||||
|
|
||||||
$tgt->set_ID($db->save_Target($tgt));
|
|
||||||
$all_tgts[$node->getAttribute("id")] = $tgt;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$log->script_log("No targets were found on this ST&E", E_ERROR);
|
|
||||||
}
|
|
||||||
|
|
||||||
$scan_nodes = getValue($xml, "/root/scans/scan", null, true);
|
|
||||||
if ($scan_nodes->length) {
|
|
||||||
foreach ($scan_nodes as $node) {
|
|
||||||
$src = $db->get_Sources($node->getAttribute("src_id"));
|
|
||||||
print "Adding new scan result file " . $node->getAttribute("file_name") . PHP_EOL;
|
|
||||||
$scan = new scan(null, $src, $ste, $node->getAttribute('itr'), $node->getAttribute("file_name"), $node->getAttribute('file_date'));
|
|
||||||
|
|
||||||
$host_list_nodes = getValue($xml, "host_list", $node, true);
|
|
||||||
foreach ($host_list_nodes as $host) {
|
|
||||||
$scan_tgt = $db->get_Target_Details($ste->get_ID(), $host->getAttribute('tgt_name'))[0];
|
|
||||||
$hl = new host_list();
|
|
||||||
$hl->setTargetId($scan_tgt->get_ID());
|
|
||||||
$hl->setTargetName($scan_tgt->get_Name());
|
|
||||||
$hl->setFindingCount($host->getAttribute("count"));
|
|
||||||
$hl->setScanError(false);
|
|
||||||
|
|
||||||
$scan->add_Target_to_Host_List($hl);
|
|
||||||
}
|
|
||||||
|
|
||||||
$scan->set_ID($db->save_Scan($scan));
|
|
||||||
$all_scans[$node->getAttribute("id")] = $scan;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$log->script_log("No scan result files were found in this ST&E", E_ERROR);
|
|
||||||
}
|
|
||||||
|
|
||||||
$x = 1;
|
|
||||||
$finding_nodes = getValue($xml, "/root/tech_findings/finding", null, true);
|
|
||||||
if ($finding_nodes->length) {
|
|
||||||
print "Adding findings (total " . $finding_nodes->length . ")" . PHP_EOL;
|
|
||||||
foreach ($finding_nodes as $node) {
|
|
||||||
print ".";
|
|
||||||
if ($x % 100 == 0) {
|
|
||||||
print "\t$x" . PHP_EOL;
|
|
||||||
}
|
|
||||||
|
|
||||||
$ia_nodes = getValue($xml, "ia_control", $node, true);
|
|
||||||
$ia_arr = array();
|
|
||||||
foreach ($ia_nodes as $ia) {
|
|
||||||
$ia_arr[] = $ia->textContent;
|
|
||||||
}
|
|
||||||
|
|
||||||
$cc = getValue($xml, "check_contents", $node);
|
|
||||||
|
|
||||||
$tgt_status_nodes = getValue($xml, "target_status", $node, true);
|
|
||||||
foreach ($tgt_status_nodes as $status_node) {
|
|
||||||
$notes = getValue($xml, "notes", $status_node);
|
|
||||||
$tgt = $db->get_Target_Details($ste->get_ID(), $status_node->getAttribute("tgt_name"))[0];
|
|
||||||
$finding = array(
|
|
||||||
0 => $node->getAttribute("stig_id"),
|
|
||||||
1 => $node->getAttribute("vms_id"),
|
|
||||||
2 => $node->getAttribute("cat"),
|
|
||||||
3 => implode(' ', $ia_arr),
|
|
||||||
4 => $node->getAttribute("short_title"),
|
|
||||||
5 => $status_node->getAttribute("status"),
|
|
||||||
6 => $notes,
|
|
||||||
7 => $cc,
|
|
||||||
8 => ''
|
|
||||||
);
|
|
||||||
|
|
||||||
$db->add_Finding($all_scans[$status_node->getAttribute("scan_id")], $tgt, $finding);
|
|
||||||
}
|
|
||||||
$x++;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$log->script_log("No findings were recorded in this ST&E", E_WARNING);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
12699
db_schema.json
12699
db_schema.json
File diff suppressed because it is too large
Load Diff
@ -112,10 +112,10 @@ echo -- wmic /output:hotfixes.txt qfe list | tee.cmd %SUMMARYFILE%
|
|||||||
wmic qfe list > %OUTDIR%\hotfixes.txt
|
wmic qfe list > %OUTDIR%\hotfixes.txt
|
||||||
echo.
|
echo.
|
||||||
|
|
||||||
echo * 2.021, Software Certificate Installation Files | tee.cmd %OUTDIR%\hotfixes.txt
|
echo * 2.021, Software Certificate Installation Files | tee.cmd %OUTDIR%\certificates.txt
|
||||||
echo -- dir /s /b *.p12 *.pfs (C:\) | tee.cmd %SUMMARYFILE%
|
echo -- dir /s /b *.p12 *.pfs (C:\) | tee.cmd %SUMMARYFILE%
|
||||||
cd C:\
|
cd C:\
|
||||||
dir /s /b *.p12 *.pfs > %OUTDIR%\hotfixes.txt
|
dir /s /b *.p12 *.pfs > %OUTDIR%\certificates.txt
|
||||||
cd %originaldir%
|
cd %originaldir%
|
||||||
echo.
|
echo.
|
||||||
|
|
||||||
@ -233,8 +233,8 @@ fciv.exe -both "%OUTFILE%" >> %CHECKSUMS%
|
|||||||
|
|
||||||
echo * Installed Software | tee.cmd %SUMMARYFILE%
|
echo * Installed Software | tee.cmd %SUMMARYFILE%
|
||||||
set OUTFILE=%OUTDIR%\installed-software.csv
|
set OUTFILE=%OUTDIR%\installed-software.csv
|
||||||
echo -- wmic product /format:csv get name,version | tee.cmd %SUMMARYFILE%
|
echo -- wmic product get name,version /format:csv | tee.cmd %SUMMARYFILE%
|
||||||
wmic product get /format:csv name,version > %OUTFILE%
|
wmic product get name,version /format:csv > %OUTFILE%
|
||||||
|
|
||||||
echo * Query the registry for values | tee.cmd %SUMMARYFILE%
|
echo * Query the registry for values | tee.cmd %SUMMARYFILE%
|
||||||
for /F "eol=; tokens=1,2 delims=," %%i in (reg-values-to-check.txt) do (
|
for /F "eol=; tokens=1,2 delims=," %%i in (reg-values-to-check.txt) do (
|
||||||
|
@ -237,7 +237,7 @@ do {
|
|||||||
}
|
}
|
||||||
while ($dbh->get_Running_Script_Count($conf['ste']));
|
while ($dbh->get_Running_Script_Count($conf['ste']));
|
||||||
|
|
||||||
if (!$debug) {
|
if (!$debug && file_exists(DOC_ROOT . "/exec/parse_config.ini")) {
|
||||||
unlink(DOC_ROOT . "/exec/parse_config.ini");
|
unlink(DOC_ROOT . "/exec/parse_config.ini");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -59,6 +59,16 @@ else {
|
|||||||
|
|
||||||
print "Destination: $dest" . PHP_EOL;
|
print "Destination: $dest" . PHP_EOL;
|
||||||
|
|
||||||
|
$status_map = [
|
||||||
|
'Not Reviewed' => 'Not_Reviewed',
|
||||||
|
'Not a Finding' => 'NotAFinding',
|
||||||
|
'Open' => 'Open',
|
||||||
|
'Not Applicable' => 'Not_Applicable',
|
||||||
|
'No Data' => 'Not_Reviewed',
|
||||||
|
'Exception' => 'Open',
|
||||||
|
'False Positive' => 'NotAFinding'
|
||||||
|
];
|
||||||
|
|
||||||
$xml = new Array2XML();
|
$xml = new Array2XML();
|
||||||
$xml->standalone = true;
|
$xml->standalone = true;
|
||||||
$xml->formatOutput = true;
|
$xml->formatOutput = true;
|
||||||
@ -110,12 +120,13 @@ if ($tgt_count = count($tgts)) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
$arr = [
|
$arr = [
|
||||||
|
'@comment' => "CyberPerspectives Sagacity v" . VER,
|
||||||
'ASSET' => [
|
'ASSET' => [
|
||||||
'ASSET_TYPE' => 'Computing',
|
'ROLE' => 'None',
|
||||||
|
'ASSET_TYPE' => 'Computing',
|
||||||
'HOST_NAME' => $tgt->get_Name(),
|
'HOST_NAME' => $tgt->get_Name(),
|
||||||
'HOST_IP' => $host_ip,
|
'HOST_IP' => $host_ip,
|
||||||
'HOST_MAC' => $host_mac,
|
'HOST_MAC' => $host_mac,
|
||||||
'HOST_GUID' => '',
|
|
||||||
'HOST_FQDN' => $host_fqdn,
|
'HOST_FQDN' => $host_fqdn,
|
||||||
'TECH_AREA' => '',
|
'TECH_AREA' => '',
|
||||||
'TARGET_KEY' => '',
|
'TARGET_KEY' => '',
|
||||||
@ -182,10 +193,11 @@ if ($tgt_count = count($tgts)) {
|
|||||||
$total_stigs += $pdi_count = (is_array($pdis) ? count($pdis) : 0);
|
$total_stigs += $pdi_count = (is_array($pdis) ? count($pdis) : 0);
|
||||||
$count = 0;
|
$count = 0;
|
||||||
|
|
||||||
|
$findings = $db->get_Finding($tgt);
|
||||||
|
|
||||||
foreach ($pdis as $pdi) {
|
foreach ($pdis as $pdi) {
|
||||||
$find = $db->get_Finding($tgt, new stig($pdi['pdi_id'], $pdi['STIG_ID'], null));
|
if (isset($findings[$pdi['pdi_id']])) {
|
||||||
if (is_array($find) && count($find) && isset($find[0]) && is_a($find[0], 'finding')) {
|
$find = $findings[$pdi['pdi_id']];
|
||||||
$find = $find[0];
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$sev = 'low';
|
$sev = 'low';
|
||||||
@ -306,20 +318,11 @@ if ($tgt_count = count($tgts)) {
|
|||||||
]
|
]
|
||||||
], $cci_list);
|
], $cci_list);
|
||||||
|
|
||||||
$status = "Not_Reviewed";
|
$status = 'Not_Reviewed';
|
||||||
$notes = '';
|
$notes = '';
|
||||||
|
|
||||||
if (is_a($find, 'finding')) {
|
if (is_a($find, 'finding')) {
|
||||||
$status = $find->get_Finding_Status_String();
|
$status = $status_map[$find->get_Finding_Status_String()];
|
||||||
if ($status == 'Not a Finding' || $status == 'False Positive') {
|
|
||||||
$status = "NotAFinding";
|
|
||||||
}
|
|
||||||
elseif($status == 'Exception') {
|
|
||||||
$status = 'Open';
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$status = str_replace(" ", "_", $status);
|
|
||||||
}
|
|
||||||
$notes = $find->get_Notes();
|
$notes = $find->get_Notes();
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -355,6 +358,7 @@ Total STIGs: $total_stigs
|
|||||||
EOO;
|
EOO;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
* Function to retrieve all the PDIs for a specified target and checklist
|
||||||
*
|
*
|
||||||
* @global db $db
|
* @global db $db
|
||||||
*
|
*
|
||||||
@ -387,7 +391,8 @@ function get_checklist_data($tgt, $chk) {
|
|||||||
"JOIN sagacity.pdi_checklist_lookup pcl ON pcl.pdi_id = pdi.pdi_id",
|
"JOIN sagacity.pdi_checklist_lookup pcl ON pcl.pdi_id = pdi.pdi_id",
|
||||||
"JOIN sagacity.target_checklist tc ON tc.chk_id = pcl.checklist_id",
|
"JOIN sagacity.target_checklist tc ON tc.chk_id = pcl.checklist_id",
|
||||||
"JOIN sagacity.stigs s ON s.pdi_id = pdi.pdi_id"
|
"JOIN sagacity.stigs s ON s.pdi_id = pdi.pdi_id"
|
||||||
]
|
],
|
||||||
|
'group' => 'STIG_ID'
|
||||||
]);
|
]);
|
||||||
$pdis = $db->help->execute();
|
$pdis = $db->help->execute();
|
||||||
|
|
||||||
|
@ -41,7 +41,7 @@ $db_step = [
|
|||||||
'cpe' => ['filter' => FILTER_VALIDATE_BOOLEAN],
|
'cpe' => ['filter' => FILTER_VALIDATE_BOOLEAN],
|
||||||
'cve' => ['filter' => FILTER_VALIDATE_BOOLEAN],
|
'cve' => ['filter' => FILTER_VALIDATE_BOOLEAN],
|
||||||
'stig' => ['filter' => FILTER_VALIDATE_BOOLEAN],
|
'stig' => ['filter' => FILTER_VALIDATE_BOOLEAN],
|
||||||
'update-freq' => ['filter' => FILTER_VALIDATE_INT, 'flag' => FILTER_NULL_ON_FAILURE]
|
'update-freq' => ['filter' => FILTER_VALIDATE_FLOAT, 'flag' => FILTER_NULL_ON_FAILURE]
|
||||||
];
|
];
|
||||||
$company_step = [
|
$company_step = [
|
||||||
'company' => $params,
|
'company' => $params,
|
||||||
@ -181,7 +181,9 @@ function save_Database($params)
|
|||||||
* CREATE DB PASSWORD FILE
|
* CREATE DB PASSWORD FILE
|
||||||
* --------------------------------- */
|
* --------------------------------- */
|
||||||
$enc_pwd = my_encrypt($params['web-pwd']);
|
$enc_pwd = my_encrypt($params['web-pwd']);
|
||||||
file_put_contents(DOC_ROOT . "/" . PWD_FILE, $enc_pwd);
|
if(!file_put_contents(DOC_ROOT . "/" . PWD_FILE, $enc_pwd)) {
|
||||||
|
die(json_encode(['error' => "Could not create the password file"]));
|
||||||
|
}
|
||||||
|
|
||||||
if (isset($params['conf-root-pwd']) && $params['conf-root-pwd'] == $params['root-pwd']) {
|
if (isset($params['conf-root-pwd']) && $params['conf-root-pwd'] == $params['root-pwd']) {
|
||||||
$db = new mysqli(DB_SERVER, $params['root-uname'], '', 'mysql');
|
$db = new mysqli(DB_SERVER, $params['root-uname'], '', 'mysql');
|
||||||
@ -194,7 +196,6 @@ function save_Database($params)
|
|||||||
unset($db);
|
unset($db);
|
||||||
}
|
}
|
||||||
|
|
||||||
$successful = true;
|
|
||||||
$zip = new ZipArchive();
|
$zip = new ZipArchive();
|
||||||
$db = new mysqli(DB_SERVER, $params['root-uname'], $params['root-pwd'], 'mysql');
|
$db = new mysqli(DB_SERVER, $params['root-uname'], $params['root-pwd'], 'mysql');
|
||||||
if ($db->connect_errno && $db->connect_errno == 1045) {
|
if ($db->connect_errno && $db->connect_errno == 1045) {
|
||||||
@ -361,7 +362,6 @@ EOO;
|
|||||||
|
|
||||||
if (preg_grep("/Access Denied/i", $output)) {
|
if (preg_grep("/Access Denied/i", $output)) {
|
||||||
$errors[] = $output;
|
$errors[] = $output;
|
||||||
$successful = false;
|
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
unlink($file);
|
unlink($file);
|
||||||
|
@ -25,6 +25,8 @@
|
|||||||
* - Aug 28, 2017 - Fixed couple minor bugs
|
* - Aug 28, 2017 - Fixed couple minor bugs
|
||||||
* - Jan 15, 2018 - Formatting, reorganized use statements, and cleaned up
|
* - Jan 15, 2018 - Formatting, reorganized use statements, and cleaned up
|
||||||
* - May 24, 2018 - Attempt to fix bug #413
|
* - May 24, 2018 - Attempt to fix bug #413
|
||||||
|
* - Nov 6, 2018 - performance improvements, ensure duplicate findings are not created, make eChecklist true status, update for removing findings.id
|
||||||
|
* - Nov 8, 2018 - added functionality to assign OS and checklists based on worksheet contents
|
||||||
*/
|
*/
|
||||||
$cmd = getopt("f:", ['debug::', 'help::']);
|
$cmd = getopt("f:", ['debug::', 'help::']);
|
||||||
set_time_limit(0);
|
set_time_limit(0);
|
||||||
@ -111,6 +113,7 @@ else {
|
|||||||
$scan->set_ID($scan_id);
|
$scan->set_ID($scan_id);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/** @var software $gen_os */
|
||||||
$gen_os = $db->get_Software("cpe:/o:generic:generic:-", true);
|
$gen_os = $db->get_Software("cpe:/o:generic:generic:-", true);
|
||||||
if (is_array($gen_os) && count($gen_os) && isset($gen_os[0]) && is_a($gen_os[0], 'software')) {
|
if (is_array($gen_os) && count($gen_os) && isset($gen_os[0]) && is_a($gen_os[0], 'software')) {
|
||||||
$gen_os = $gen_os[0];
|
$gen_os = $gen_os[0];
|
||||||
@ -124,9 +127,12 @@ foreach ($objSS->getWorksheetIterator() as $wksht) {
|
|||||||
elseif (isset($conf['ignore']) && $wksht->getSheetState() == Worksheet::SHEETSTATE_HIDDEN) {
|
elseif (isset($conf['ignore']) && $wksht->getSheetState() == Worksheet::SHEETSTATE_HIDDEN) {
|
||||||
$log->info("Skipping hidden worksheet {$wksht->getTitle()}");
|
$log->info("Skipping hidden worksheet {$wksht->getTitle()}");
|
||||||
continue;
|
continue;
|
||||||
|
} elseif ($wksht->getTitle() == 'Orphan') {
|
||||||
|
$log->info("Skipping Orphan worksheet because it creates problems right now");
|
||||||
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
$scan->isTerminated();
|
$scan->isTerminated();
|
||||||
|
|
||||||
$log->notice("Reading from {$wksht->getTitle()}");
|
$log->notice("Reading from {$wksht->getTitle()}");
|
||||||
|
|
||||||
@ -139,6 +145,11 @@ $scan->isTerminated();
|
|||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$chk_arr = explode(', ', $wksht->getCell("B9")->getValue());
|
||||||
|
$checklists = $db->get_Checklist_By_Name($chk_arr);
|
||||||
|
$os_str = $wksht->getCell("G4")->getValue();
|
||||||
|
$os = $db->get_Software_By_String($os_str);
|
||||||
|
|
||||||
$idx = [
|
$idx = [
|
||||||
'stig_id' => 1,
|
'stig_id' => 1,
|
||||||
'vms_id' => 2,
|
'vms_id' => 2,
|
||||||
@ -155,6 +166,7 @@ $scan->isTerminated();
|
|||||||
$short_title_col = Coordinate::stringFromColumnIndex($idx['short_title']);
|
$short_title_col = Coordinate::stringFromColumnIndex($idx['short_title']);
|
||||||
$row_count = $highestRow = $wksht->getHighestDataRow() - 10;
|
$row_count = $highestRow = $wksht->getHighestDataRow() - 10;
|
||||||
$highestCol = $wksht->getHighestDataColumn(10);
|
$highestCol = $wksht->getHighestDataColumn(10);
|
||||||
|
$tgt_findings = [];
|
||||||
|
|
||||||
for ($col = 'F' ; $col != $highestCol ; $col++) {
|
for ($col = 'F' ; $col != $highestCol ; $col++) {
|
||||||
$cell = $wksht->getCell($col . '10');
|
$cell = $wksht->getCell($col . '10');
|
||||||
@ -171,22 +183,59 @@ $scan->isTerminated();
|
|||||||
|
|
||||||
if ($tgt_id = $db->check_Target($conf['ste'], $cell->getValue())) {
|
if ($tgt_id = $db->check_Target($conf['ste'], $cell->getValue())) {
|
||||||
$log->debug("Found host for {$cell->getValue()}");
|
$log->debug("Found host for {$cell->getValue()}");
|
||||||
|
/** @var target $tgt */
|
||||||
$tgt = $db->get_Target_Details($conf['ste'], $tgt_id);
|
$tgt = $db->get_Target_Details($conf['ste'], $tgt_id);
|
||||||
if (is_array($tgt) && count($tgt) && isset($tgt[0]) && is_a($tgt[0], 'target')) {
|
if (is_array($tgt) && count($tgt) && isset($tgt[0]) && is_a($tgt[0], 'target')) {
|
||||||
$tgt = $tgt[0];
|
$tgt = $tgt[0];
|
||||||
|
if($tgt->get_OS_ID() == $gen_os->get_ID() && is_a($os, 'software')) {
|
||||||
|
$log->debug("Assigning operating system to {$tgt->get_Name()}", [$os]);
|
||||||
|
$tgt->set_OS_ID($os->get_ID());
|
||||||
|
$tgt->set_OS_String($os->get_Shortened_SW_String());
|
||||||
|
}
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$log->error("Could not find host {$cell->getValue()}");
|
$log->error("Could not find host {$cell->getValue()}");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if(is_a($checklists, 'checklist')) {
|
||||||
|
if(!isset($tgt->checklists[$checklists->get_ID()])) {
|
||||||
|
$log->debug("Assigning checklists to {$tgt->get_Name()}", [$checklists]);
|
||||||
|
$tgt->checklists[$checklists->get_ID()] = $checklists;
|
||||||
|
}
|
||||||
|
} elseif(is_array($checklists) && count($checklists)) {
|
||||||
|
$log->debug("Assigning checklists to {$tgt->get_Name()}", $checklists);
|
||||||
|
foreach($checklists as $c) {
|
||||||
|
/** @var checklist $c */
|
||||||
|
if(!isset($tgt->checklists[$c->get_ID()])) {
|
||||||
|
$tgt->checklists[$c->get_ID()] = $c;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$db->save_Target($tgt);
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$log->debug("Creating new target {$cell->getValue()}");
|
$log->debug("Creating new target {$cell->getValue()}");
|
||||||
$tgt = new target($cell->getValue());
|
$tgt = new target($cell->getValue());
|
||||||
$tgt->set_OS_ID($gen_os->get_ID());
|
$tgt->set_OS_ID((is_a($os, 'software') ? $os->get_ID() : $gen_os->get_ID()));
|
||||||
|
$tgt->set_OS_String((is_a($os, 'software') ? $os->get_Shortened_SW_String() : $gen_os->get_Shortened_SW_String()));
|
||||||
$tgt->set_STE_ID($conf['ste']);
|
$tgt->set_STE_ID($conf['ste']);
|
||||||
$tgt->set_Location($conf['location']);
|
$tgt->set_Location($conf['location']);
|
||||||
$tgt->set_Notes('New Target');
|
$tgt->set_Notes('New Target');
|
||||||
|
|
||||||
|
if(is_a($checklists, 'checklist')) {
|
||||||
|
if(!isset($tgt->checklists[$checklists->get_ID()])) {
|
||||||
|
$tgt->checklists[$checklists->get_ID()] = $checklists;
|
||||||
|
}
|
||||||
|
} elseif(is_array($checklists) && count($checklists)) {
|
||||||
|
foreach($checklists as $c) {
|
||||||
|
/** @var checklist $c */
|
||||||
|
if(!isset($tgt->checklists[$c->get_ID()])) {
|
||||||
|
$tgt->checklists[$c->get_ID()] = $c;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if (preg_match('/((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\.|$)){4}/', $cell->getValue())) {
|
if (preg_match('/((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\.|$)){4}/', $cell->getValue())) {
|
||||||
$ip = $cell->getValue();
|
$ip = $cell->getValue();
|
||||||
$int = new interfaces(null, null, null, $ip, null, null, null, null);
|
$int = new interfaces(null, null, null, $ip, null, null, null, null);
|
||||||
@ -199,32 +248,51 @@ $scan->isTerminated();
|
|||||||
$tgts[] = $tgt;
|
$tgts[] = $tgt;
|
||||||
|
|
||||||
$log->debug("Adding new target to host list", ['row_count' => $row_count, 'tgt_id' => $tgt->get_ID(), 'tgt_name' => $tgt->get_Name()]);
|
$log->debug("Adding new target to host list", ['row_count' => $row_count, 'tgt_id' => $tgt->get_ID(), 'tgt_name' => $tgt->get_Name()]);
|
||||||
$hl = new host_list();
|
if(!isset($scan->get_Host_List()[$tgt->get_ID()])) {
|
||||||
$hl->setFindingCount($row_count);
|
$hl = new host_list();
|
||||||
$hl->setTargetId($tgt->get_ID());
|
$hl->setFindingCount($row_count);
|
||||||
$hl->setTargetName($tgt->get_Name());
|
$hl->setTargetId($tgt->get_ID());
|
||||||
if ($ip) {
|
$hl->setTargetName($tgt->get_Name());
|
||||||
$hl->setTargetIp($ip);
|
if ($ip) {
|
||||||
}
|
$hl->setTargetIp($ip);
|
||||||
elseif (is_array($tgt->interfaces) && count($tgt->interfaces)) {
|
} elseif (is_array($tgt->interfaces) && count($tgt->interfaces)) {
|
||||||
foreach ($tgt->interfaces as $int) {
|
foreach ($tgt->interfaces as $int) {
|
||||||
if (!in_array($int->get_IPv4(), ['0.0.0.0', '127.0.0.1'])) {
|
if (!in_array($int->get_IPv4(), ['0.0.0.0', '127.0.0.1'])) {
|
||||||
$ip = $int->get_IPv4();
|
$ip = $int->get_IPv4();
|
||||||
break;
|
break;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
$hl->setTargetIp($ip);
|
||||||
}
|
}
|
||||||
$hl->setTargetIp($ip);
|
|
||||||
}
|
|
||||||
|
|
||||||
$scan->add_Target_to_Host_List($hl);
|
$scan->add_Target_to_Host_List($hl);
|
||||||
|
} else {
|
||||||
|
$hl = $scan->get_Host_List()[$tgt->get_ID()];
|
||||||
|
|
||||||
|
$hl->addFindingCount($row_count);
|
||||||
|
|
||||||
|
$scan->add_Target_to_Host_List($hl);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (preg_match('/Overall/i', $cell->getValue())) {
|
$db->update_Scan_Host_List($scan);
|
||||||
|
$tgt_findings[$tgt->get_ID()] = $db->get_Finding($tgt);
|
||||||
|
|
||||||
|
if (preg_match('/overall/i', $cell->getValue())) {
|
||||||
$log->debug("Found overall: {$cell->getColumn()}");
|
$log->debug("Found overall: {$cell->getColumn()}");
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if(count($tgts) > 100) {
|
||||||
|
$db->update_Running_Scan($base_name, ['name' => 'status', 'value' => 'ERROR']);
|
||||||
|
$db->update_Running_Scan($base_name, ['name' => 'notes', 'value' => "Too many targets in worksheet {$wksht->getTitle()}"]);
|
||||||
|
$log->error("Too many targets in worksheet {$wksht->getTitle()}");
|
||||||
|
unset($objSS);
|
||||||
|
rename($cmd['f'], TMP . "/terminated/$base_name");
|
||||||
|
die();
|
||||||
|
}
|
||||||
|
|
||||||
$db->update_Running_Scan($base_name, ['name' => 'host_count', 'value' => count($tgts)]);
|
$db->update_Running_Scan($base_name, ['name' => 'host_count', 'value' => count($tgts)]);
|
||||||
|
|
||||||
// increment the column indexes for notes, check contents, and missing PDI
|
// increment the column indexes for notes, check contents, and missing PDI
|
||||||
@ -234,8 +302,7 @@ $scan->isTerminated();
|
|||||||
$idx['consistent'] += $increase;
|
$idx['consistent'] += $increase;
|
||||||
$idx['notes'] += $increase;
|
$idx['notes'] += $increase;
|
||||||
$idx['check_contents'] += $increase;
|
$idx['check_contents'] += $increase;
|
||||||
}
|
} elseif (empty($tgts)) {
|
||||||
elseif (empty($tgts)) {
|
|
||||||
$log->warning("Failed to identify targets in worksheet {$wksht->getTitle()}");
|
$log->warning("Failed to identify targets in worksheet {$wksht->getTitle()}");
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
@ -276,8 +343,7 @@ $scan->isTerminated();
|
|||||||
|
|
||||||
if (is_array($stig) && count($stig) && isset($stig[0]) && is_a($stig[0], 'stig')) {
|
if (is_array($stig) && count($stig) && isset($stig[0]) && is_a($stig[0], 'stig')) {
|
||||||
$stig = $stig[0];
|
$stig = $stig[0];
|
||||||
}
|
} else {
|
||||||
else {
|
|
||||||
$pdi = new pdi(null, $cat_lvl, $dt->format("Y-m-d"));
|
$pdi = new pdi(null, $cat_lvl, $dt->format("Y-m-d"));
|
||||||
$pdi->set_Short_Title($short_title);
|
$pdi->set_Short_Title($short_title);
|
||||||
$pdi->set_Group_Title($short_title);
|
$pdi->set_Group_Title($short_title);
|
||||||
@ -293,41 +359,36 @@ $scan->isTerminated();
|
|||||||
foreach ($tgts as $tgt) {
|
foreach ($tgts as $tgt) {
|
||||||
$status = $wksht->getCell(Coordinate::stringFromColumnIndex($idx['target'] + $x) . $row->getRowIndex())
|
$status = $wksht->getCell(Coordinate::stringFromColumnIndex($idx['target'] + $x) . $row->getRowIndex())
|
||||||
->getValue();
|
->getValue();
|
||||||
|
if(!in_array(strtolower($status), ['not reviewed', 'not a finding', 'open', 'not applicable', 'no data', 'exception', 'false positive'])) {
|
||||||
|
if(stripos($notes, "Formula found in status column") === false) {
|
||||||
|
$notes .= "Formula found in status column";
|
||||||
|
}
|
||||||
|
$status = "Not Reviewed";
|
||||||
|
$scan->set_Host_Error($tgt->get_ID(), true, "Formula found in the status column");
|
||||||
|
}
|
||||||
|
|
||||||
$log->debug("{$tgt->get_Name()} {$stig->get_ID()} ($status)");
|
$findings = $tgt_findings[$tgt->get_ID()];
|
||||||
|
if (is_array($findings) && count($findings) && isset($findings[$stig->get_PDI_ID()]) && is_a($findings[$stig->get_PDI_ID()], 'finding')) {
|
||||||
$finding = $db->get_Finding($tgt, $stig);
|
|
||||||
|
|
||||||
if (is_array($finding) && count($finding) && isset($finding[0]) && is_a($finding[0], 'finding')) {
|
|
||||||
/** @var finding $tmp */
|
/** @var finding $tmp */
|
||||||
$tmp = $finding[0];
|
$tmp = $findings[$stig->get_PDI_ID()];
|
||||||
|
|
||||||
if(preg_match("/Not a Finding|Not Applicable/i", $status)) {
|
|
||||||
$ds = $tmp->get_Deconflicted_Status($status);
|
|
||||||
$tmp->set_Finding_Status_By_String($ds);
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$tmp->set_Finding_Status_By_String($status);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
$tmp->set_Finding_Status_By_String($status);
|
||||||
$tmp->set_Notes($notes);
|
$tmp->set_Notes($notes);
|
||||||
$tmp->set_Category($cat_lvl);
|
$tmp->set_Category($cat_lvl);
|
||||||
|
$tmp->set_Scan_ID($scan->get_ID());
|
||||||
|
|
||||||
$updated_findings[] = $tmp;
|
$updated_findings[] = $tmp;
|
||||||
}
|
} else {
|
||||||
else {
|
$tmp = new finding($tgt->get_ID(), $stig->get_PDI_ID(), $scan->get_ID(), $status, $notes, null, null, null);
|
||||||
$tmp = new finding(null, $tgt->get_ID(), $stig->get_PDI_ID(), $scan->get_ID(), $status, $notes, null, null, null);
|
|
||||||
$tmp->set_Category($cat_lvl);
|
$tmp->set_Category($cat_lvl);
|
||||||
|
|
||||||
$new_findings[] = $tmp;
|
$new_findings[] = $tmp;
|
||||||
}
|
}
|
||||||
|
$log->debug("{$tgt->get_Name()} {$stig->get_ID()} ({$tmp->get_Finding_Status_String()})");
|
||||||
$x++;
|
$x++;
|
||||||
}
|
}
|
||||||
|
|
||||||
$row_count++;
|
if(count($updated_findings) + count($new_findings) >= 1000) {
|
||||||
|
|
||||||
if($row_count % 100 == 0) {
|
|
||||||
if(!$db->add_Findings_By_Target($updated_findings, $new_findings)) {
|
if(!$db->add_Findings_By_Target($updated_findings, $new_findings)) {
|
||||||
die(print_r(debug_backtrace(), true));
|
die(print_r(debug_backtrace(), true));
|
||||||
} else {
|
} else {
|
||||||
@ -342,13 +403,14 @@ $scan->isTerminated();
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$db->update_Scan_Host_List($scan);
|
||||||
|
|
||||||
if (!$db->add_Findings_By_Target($updated_findings, $new_findings)) {
|
if (!$db->add_Findings_By_Target($updated_findings, $new_findings)) {
|
||||||
print "Error adding finding" . PHP_EOL;
|
print "Error adding finding" . PHP_EOL;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
unset($objSS);
|
unset($objSS);
|
||||||
$db->update_Scan_Host_List($scan, $host_list);
|
|
||||||
if (!isset($cmd['debug'])) {
|
if (!isset($cmd['debug'])) {
|
||||||
rename($cmd['f'], TMP . "/echecklist/$base_name");
|
rename($cmd['f'], TMP . "/echecklist/$base_name");
|
||||||
}
|
}
|
||||||
|
@ -112,10 +112,8 @@ foreach ($files as $file) {
|
|||||||
|
|
||||||
$scan_id = 0;
|
$scan_id = 0;
|
||||||
|
|
||||||
foreach ($findings as $key => $find) {
|
/** @var finding $find */
|
||||||
if (false) {
|
foreach ($findings as $find) {
|
||||||
$find = new finding();
|
|
||||||
}
|
|
||||||
$ret = array();
|
$ret = array();
|
||||||
if ($find->get_Scan_ID()) {
|
if ($find->get_Scan_ID()) {
|
||||||
$scan_id = $find->get_Scan_ID();
|
$scan_id = $find->get_Scan_ID();
|
||||||
|
@ -181,10 +181,8 @@ class mssql_parser extends scan_xml_parser {
|
|||||||
// check for finding
|
// check for finding
|
||||||
$finding = $this->db->get_Finding($this->tgt, $this->stig);
|
$finding = $this->db->get_Finding($this->tgt, $this->stig);
|
||||||
if (is_array($finding) && count($finding)) {
|
if (is_array($finding) && count($finding)) {
|
||||||
|
/** @var finding $finding */
|
||||||
$finding = $finding[0];
|
$finding = $finding[0];
|
||||||
if (false) {
|
|
||||||
$finding = new finding();
|
|
||||||
}
|
|
||||||
|
|
||||||
$finding->prepend_Notes("(MSSQL) " . $this->notes);
|
$finding->prepend_Notes("(MSSQL) " . $this->notes);
|
||||||
if ($finding->get_Finding_Status_String() != "Not Reviewed" && $finding->get_Finding_Status_String() != $this->status) {
|
if ($finding->get_Finding_Status_String() != "Not Reviewed" && $finding->get_Finding_Status_String() != $this->status) {
|
||||||
@ -199,7 +197,7 @@ class mssql_parser extends scan_xml_parser {
|
|||||||
$this->updated_findings[$finding->get_PDI_ID()] = $finding;
|
$this->updated_findings[$finding->get_PDI_ID()] = $finding;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$finding = new finding(null, $this->tgt->get_ID(), $this->stig->get_PDI_ID(), $this->scan->get - ID(), $this->status, $this->notes, finding::NC, "MSSQL", 1);
|
$finding = new finding($this->tgt->get_ID(), $this->stig->get_PDI_ID(), $this->scan->get - ID(), $this->status, $this->notes, finding::NC, "MSSQL", 1);
|
||||||
|
|
||||||
$this->new_findings[$this->stig->get_PDI_ID()] = $finding;
|
$this->new_findings[$this->stig->get_PDI_ID()] = $finding;
|
||||||
}
|
}
|
||||||
|
@ -1142,7 +1142,7 @@ class nessus_parser extends scan_xml_parser
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$tmp = new finding(null, $this->tgt->get_ID(), $this->plugin->result->stig->get_PDI_ID(), $this->scan->get_ID(), $this->plugin->result->status, "[{$this->tgt->get_Name()}]: {$note}", finding::NC, "Nessus", 1);
|
$tmp = new finding($this->tgt->get_ID(), $this->plugin->result->stig->get_PDI_ID(), $this->scan->get_ID(), $this->plugin->result->status, "[{$this->tgt->get_Name()}]: {$note}", finding::NC, "Nessus", 1);
|
||||||
if (!is_null($pdi)) {
|
if (!is_null($pdi)) {
|
||||||
$tmp->set_Category($pdi->get_Category_Level());
|
$tmp->set_Category($pdi->get_Category_Level());
|
||||||
}
|
}
|
||||||
@ -1178,7 +1178,7 @@ class nessus_parser extends scan_xml_parser
|
|||||||
$stig = new stig($pdi_id, $this->plugin->result->stig, $this->plugin->desc);
|
$stig = new stig($pdi_id, $this->plugin->result->stig, $this->plugin->desc);
|
||||||
$this->db->add_Stig($stig);
|
$this->db->add_Stig($stig);
|
||||||
|
|
||||||
$tmp = new finding(null, $this->tgt->get_ID(), $pdi->get_ID(), $this->scan->get_ID(), $this->plugin->result->status, "[" . $this->tgt->get_Name() . "]: " . $note, finding::NC, "Nessus", 1);
|
$tmp = new finding($this->tgt->get_ID(), $pdi->get_ID(), $this->scan->get_ID(), $this->plugin->result->status, "[" . $this->tgt->get_Name() . "]: " . $note, finding::NC, "Nessus", 1);
|
||||||
$tmp->set_Category($this->plugin->result->cat);
|
$tmp->set_Category($this->plugin->result->cat);
|
||||||
|
|
||||||
if (isset($this->new_findings[$tmp->get_PDI_ID()])) {
|
if (isset($this->new_findings[$tmp->get_PDI_ID()])) {
|
||||||
@ -1211,14 +1211,12 @@ class nessus_parser extends scan_xml_parser
|
|||||||
$finding = $this->db->get_Finding($this->tgt, $this->plugin->db_plugin);
|
$finding = $this->db->get_Finding($this->tgt, $this->plugin->db_plugin);
|
||||||
|
|
||||||
if (is_array($finding) && count($finding)) {
|
if (is_array($finding) && count($finding)) {
|
||||||
$finding = $finding[0];
|
$finding = current($finding[0]);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (is_a($finding, 'finding')) {
|
if (is_a($finding, 'finding')) {
|
||||||
|
/** @var finding $finding */
|
||||||
$this->log->script_log("Updating finding");
|
$this->log->script_log("Updating finding");
|
||||||
if (false) {
|
|
||||||
$finding = new finding();
|
|
||||||
}
|
|
||||||
if ($this->debug) {
|
if ($this->debug) {
|
||||||
$this->log->script_log("Finding exists: " . print_r($finding, true), E_DEBUG);
|
$this->log->script_log("Finding exists: " . print_r($finding, true), E_DEBUG);
|
||||||
}
|
}
|
||||||
@ -1265,7 +1263,7 @@ class nessus_parser extends scan_xml_parser
|
|||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$this->log->script_log("Adding new finding");
|
$this->log->script_log("Adding new finding");
|
||||||
$tmp = new finding(null, $this->tgt->get_ID(), $this->plugin->db_plugin->get_PDI_ID(), $this->scan->get_ID(), $this->plugin->result->status, $note, finding::NC, "Nessus", 1);
|
$tmp = new finding($this->tgt->get_ID(), $this->plugin->db_plugin->get_PDI_ID(), $this->scan->get_ID(), $this->plugin->result->status, $note, finding::NC, "Nessus", 1);
|
||||||
$tmp->set_Category($this->plugin->result->cat);
|
$tmp->set_Category($this->plugin->result->cat);
|
||||||
|
|
||||||
$this->new_findings[$tmp->get_PDI_ID()] = $tmp;
|
$this->new_findings[$tmp->get_PDI_ID()] = $tmp;
|
||||||
|
@ -49,7 +49,7 @@ $log = new Logger("nvd_cve");
|
|||||||
$log->pushHandler(new StreamHandler(LOG_PATH . "/nvd_cve.log", $log_level));
|
$log->pushHandler(new StreamHandler(LOG_PATH . "/nvd_cve.log", $log_level));
|
||||||
|
|
||||||
$db = new db();
|
$db = new db();
|
||||||
$json = json_decode(file_get_contents($cmd['f']));
|
$json = json_decode(file_get_contents($cmd['f']), true);
|
||||||
$existing_cves = [];
|
$existing_cves = [];
|
||||||
|
|
||||||
$db->help->select("cve_db", ['cve_id']);
|
$db->help->select("cve_db", ['cve_id']);
|
||||||
@ -60,19 +60,21 @@ if (is_array($cves) && count($cves)) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
print "Currently " . count($existing_cves) . " in DB" . PHP_EOL . "Parsing: " . count($json->CVE_Items) . " items" . PHP_EOL;
|
print "Currently " . count($existing_cves) . " in DB" . PHP_EOL . "Parsing: " . count($json['CVE_Items']) . " items" . PHP_EOL;
|
||||||
|
|
||||||
$db_cpes = [];
|
$db_cpes = [];
|
||||||
|
$db_cpes23 = [];
|
||||||
$new_cves = [];
|
$new_cves = [];
|
||||||
$new_cve_refs = [];
|
$new_cve_refs = [];
|
||||||
$sw_rows = [];
|
$sw_rows = [];
|
||||||
$new = 0;
|
$new = 0;
|
||||||
$existing = 0;
|
$existing = 0;
|
||||||
|
|
||||||
$db->help->select("software", ['id', 'cpe']);
|
$db->help->select("software", ['id', 'cpe', 'cpe23']);
|
||||||
$rows = $db->help->execute();
|
$rows = $db->help->execute();
|
||||||
foreach ($rows as $row) {
|
foreach ($rows as $row) {
|
||||||
$db_cpes["{$row['cpe']}"] = $row['id'];
|
$db_cpes["{$row['cpe']}"] = $row['id'];
|
||||||
|
$db_cpes23["{$row['cpe23']}"] = $row['id'];
|
||||||
}
|
}
|
||||||
|
|
||||||
$cve_fields = [
|
$cve_fields = [
|
||||||
@ -82,24 +84,22 @@ $ref_fields = [
|
|||||||
'cve_seq', 'source', 'url', 'val'
|
'cve_seq', 'source', 'url', 'val'
|
||||||
];
|
];
|
||||||
|
|
||||||
foreach ($json->CVE_Items as $cve) {
|
foreach ($json['CVE_Items'] as $cve) {
|
||||||
if (!isset($existing_cves["{$cve->cve->CVE_data_meta->ID}"])) {
|
if (!isset($existing_cves["{$cve['cve']['CVE_data_meta']['ID']}"])) {
|
||||||
$log->debug("Adding {$cve->cve->CVE_data_meta->ID}");
|
$log->debug("Adding {$cve['cve']['CVE_data_meta']['ID']}");
|
||||||
$new++;
|
$new++;
|
||||||
|
|
||||||
$desc = [];
|
$desc = [];
|
||||||
$status = null;
|
$status = null;
|
||||||
$phase = null;
|
$phase = null;
|
||||||
$cpes = [];
|
$cpes = [];
|
||||||
$name = $cve->cve->CVE_data_meta->ID;
|
$name = $cve['cve']['CVE_data_meta']['ID'];
|
||||||
$type = $cve->cve->data_type;
|
$seq = $cve['cve']['CVE_data_meta']['ID'];
|
||||||
$seq = $cve->cve->CVE_data_meta->ID;
|
$pd = new DateTime($cve['publishedDate']);
|
||||||
$pd = new DateTime($cve->publishedDate);
|
|
||||||
$lmd = new DateTime($cve->lastModifiedDate);
|
|
||||||
|
|
||||||
if (is_array($cve->cve->description->description_data) && count($cve->cve->description->description_data)) {
|
if (is_array($cve['cve']['description']['description_data']) && count($cve['cve']['description']['description_data'])) {
|
||||||
foreach ($cve->cve->description->description_data as $d) {
|
foreach ($cve['cve']['description']['description_data'] as $d) {
|
||||||
$desc[] = $d->value;
|
$desc[] = $d['value'];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -107,24 +107,21 @@ foreach ($json->CVE_Items as $cve) {
|
|||||||
$name, $seq, $status, $phase, $pd, implode(PHP_EOL, $desc)
|
$name, $seq, $status, $phase, $pd, implode(PHP_EOL, $desc)
|
||||||
];
|
];
|
||||||
|
|
||||||
if (is_array($cve->cve->references->reference_data) && count($cve->cve->references->reference_data)) {
|
if (is_array($cve['cve']['references']['reference_data']) && count($cve['cve']['references']['reference_data'])) {
|
||||||
foreach ($cve->cve->references->reference_data as $ref) {
|
foreach ($cve['cve']['references']['reference_data'] as $ref) {
|
||||||
$log->debug("Adding reference {$ref->url}");
|
$log->debug("Adding reference {$ref['url']}");
|
||||||
$new_cve_refs[] = [
|
$new_cve_refs[] = [
|
||||||
$name, null, $ref->url, null
|
$name, null, $ref['url'], null
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (is_array($cve->configurations->nodes) && count($cve->configurations->nodes)) {
|
if(is_array($cve['configurations']['nodes']) && count($cve['configurations']['nodes'])) {
|
||||||
foreach ($cve->configurations->nodes as $n) {
|
foreach($cve['configurations']['nodes'] as $n) {
|
||||||
if (isset($n->cpe) && is_array($n->cpe) && count($n->cpe)) {
|
if(isset($n['cpe_match']) && is_array($n['cpe_match']) && count($n['cpe_match'])) {
|
||||||
foreach ($n->cpe as $cpe) {
|
foreach($n['cpe_match'] as $c) {
|
||||||
if (isset($cpe->cpe22Uri)) {
|
if($c['vulnerable'] && $c['cpe23Uri']) {
|
||||||
$cpes[] = $cpe->cpe22Uri;
|
$cpes[] = $c['cpe23Uri'];
|
||||||
}
|
|
||||||
elseif (isset($cpe->cpeMatchString)) {
|
|
||||||
$cpes[] = $cpe->cpeMatchString;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -135,6 +132,8 @@ foreach ($json->CVE_Items as $cve) {
|
|||||||
foreach ($cpes as $cpe) {
|
foreach ($cpes as $cpe) {
|
||||||
if (isset($db_cpes["{$cpe}"])) {
|
if (isset($db_cpes["{$cpe}"])) {
|
||||||
$sw_rows[] = [$name, $db_cpes["{$cpe}"]];
|
$sw_rows[] = [$name, $db_cpes["{$cpe}"]];
|
||||||
|
} elseif (isset($db_cpes23["{$cpe}"])) {
|
||||||
|
$sw_rows[] = [$name, $db_cpes23["{$cpe}"]];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -185,7 +184,7 @@ if (count($sw_rows)) {
|
|||||||
$db->help->execute();
|
$db->help->execute();
|
||||||
}
|
}
|
||||||
|
|
||||||
unlink($cmd['f']);
|
//unlink($cmd['f']);
|
||||||
|
|
||||||
print PHP_EOL;
|
print PHP_EOL;
|
||||||
|
|
||||||
|
File diff suppressed because it is too large
Load Diff
@ -296,6 +296,8 @@ foreach ($vulns as $vul) {
|
|||||||
$vuln_count++;
|
$vuln_count++;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$db->update_Target_Counts($tgt->get_ID());
|
||||||
|
|
||||||
unset($xml);
|
unset($xml);
|
||||||
if (!isset($cmd['debug'])) {
|
if (!isset($cmd['debug'])) {
|
||||||
rename($cmd['f'], TMP . "/stig_viewer/$base_name");
|
rename($cmd['f'], TMP . "/stig_viewer/$base_name");
|
||||||
|
@ -461,6 +461,7 @@ if (isset($cmd['nasl'])) {
|
|||||||
'nasl-count' => 0
|
'nasl-count' => 0
|
||||||
]);
|
]);
|
||||||
$count = 0;
|
$count = 0;
|
||||||
|
check_path(TMP . "/nessus_plugins");
|
||||||
|
|
||||||
// Capture start time for performance monitoring
|
// Capture start time for performance monitoring
|
||||||
$diff->resetClock();
|
$diff->resetClock();
|
||||||
@ -602,7 +603,9 @@ if (isset($cmd['stig'])) {
|
|||||||
'stig-count' => 0
|
'stig-count' => 0
|
||||||
]);
|
]);
|
||||||
$path = TMP . "/stigs";
|
$path = TMP . "/stigs";
|
||||||
check_path($path);
|
check_path(TMP . "/stigs");
|
||||||
|
check_path(TMP . "/stigs/zip");
|
||||||
|
$sunset_array = [];
|
||||||
|
|
||||||
$diff->resetClock();
|
$diff->resetClock();
|
||||||
print "Started STIG ingestion ({$diff->getStartClockTime()})" . PHP_EOL;
|
print "Started STIG ingestion ({$diff->getStartClockTime()})" . PHP_EOL;
|
||||||
@ -624,6 +627,132 @@ if (isset($cmd['stig'])) {
|
|||||||
$prev_mon = '07';
|
$prev_mon = '07';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$current_url = "https://iasecontent.disa.mil/stigs/zip/Compilations/U_SRG-STIG_Library_{$year}_{$mon}.zip";
|
||||||
|
$current_v2_url = "https://iasecontent.disa.mil/stigs/zip/Compilations/U_SRG-STIG_Library_{$year}_{$mon}_v2.zip";
|
||||||
|
$sunset_url = "https://iase.disa.mil/stigs/Lists/Sunset%20Master%20List/FinalView.aspx";
|
||||||
|
$stig_fname = "{$path}/stig_library-{$year}_{$mon}.zip";
|
||||||
|
|
||||||
|
if (!file_exists($stig_fname) && ping("disa.mil") && !isset($cmd['po'])) {
|
||||||
|
if (isset($cmd['u'])) {
|
||||||
|
$url = $cmd['u'];
|
||||||
|
$log->debug("Checking for $url");
|
||||||
|
|
||||||
|
if (url_exists($url)) {
|
||||||
|
download_file($url, $stig_fname, $db->help, 'stig-dl-progress');
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$log->debug("Checking for $current_url");
|
||||||
|
|
||||||
|
if ($found = url_exists($current_url)) {
|
||||||
|
download_file($current_url, $stig_fname, $db->help, 'stig-dl-progress');
|
||||||
|
}
|
||||||
|
if (!$found) {
|
||||||
|
$log->debug("Checking for $current_v2_url");
|
||||||
|
|
||||||
|
if ($found = url_exists($current_v2_url)) {
|
||||||
|
download_file($current_v2_url, $stig_fname, $db->help, 'stig-dl-progress');
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if ($mon == '01') {
|
||||||
|
$year--;
|
||||||
|
}
|
||||||
|
|
||||||
|
$prev_url = "https://iasecontent.disa.mil/stigs/zip/Compilations/U_SRG-STIG_Library_{$year}_{$prev_mon}.zip";
|
||||||
|
$prev_v2_url = "https://iasecontent.disa.mil/stigs/zip/Compilations/U_SRG-STIG_Library_{$year}_{$prev_mon}_v2.zip";
|
||||||
|
|
||||||
|
if (!$found) {
|
||||||
|
$log->debug("Checking for $prev_url");
|
||||||
|
if ($found = url_exists($prev_url)) {
|
||||||
|
download_file($prev_url, $stig_fname, $db->help, 'stig-dl-progress');
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (!$found) {
|
||||||
|
$log->debug("Checking for $prev_v2_url");
|
||||||
|
if (url_exists($prev_v2_url)) {
|
||||||
|
download_file($prev_v2_url, $stig_fname, $db->help, 'stig-dl-progress');
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if(ping("disa.mil") && !isset($cmd['po'])) {
|
||||||
|
$log->debug("Checking for $sunset_url");
|
||||||
|
|
||||||
|
if(url_exists($sunset_url)) {
|
||||||
|
$log->debug("Downloading sunset STIGs");
|
||||||
|
$contents = file_get_contents($sunset_url);
|
||||||
|
preg_match_all("/a href=\"([^ ]+STIG\.zip)/", $contents, $sunset_array);
|
||||||
|
|
||||||
|
if(is_array($sunset_array) && isset($sunset_array[1]) && count($sunset_array[1])) {
|
||||||
|
foreach($sunset_array[1] as $url) {
|
||||||
|
$sunset_fname = basename($url);
|
||||||
|
download_file($url, TMP . "/stigs/zip/{$sunset_fname}");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!isset($cmd['do']) || isset($cmd['po'])) {
|
||||||
|
$stig_files = array_merge(
|
||||||
|
glob("{$path}/*.zip"), glob("{$path}/*.xml"), glob(TMP . "/*.zip"), glob(TMP . "/*.xml"), glob(TMP . "/stigs/xml/*.xml")
|
||||||
|
);
|
||||||
|
if (!count($stig_files)) {
|
||||||
|
die("Could not locate any XCCDF STIG libraries " . realpath(TMP));
|
||||||
|
}
|
||||||
|
|
||||||
|
$script = realpath(defined('PHP_BIN') ? PHP_BIN : PHP) .
|
||||||
|
" -c " . realpath(PHP_CONF) .
|
||||||
|
" -f " . realpath(DOC_ROOT . "/exec/background_stigs.php") . " --" .
|
||||||
|
(isset($cmd['exclude']) && $cmd['exclude'] ? " --exclude=\"{$cmd['exclude']}\"" : "") .
|
||||||
|
" --delete";
|
||||||
|
|
||||||
|
$log->debug("Script to run $script");
|
||||||
|
passthru($script);
|
||||||
|
}
|
||||||
|
|
||||||
|
$db->help->select_count("sagacity.stigs");
|
||||||
|
$stig_count = $db->help->execute();
|
||||||
|
|
||||||
|
$db->set_Setting("stig-count", $stig_count);
|
||||||
|
|
||||||
|
$diff->stopClock();
|
||||||
|
|
||||||
|
print PHP_EOL . "Finished at {$diff->getEndClockTime()}" . PHP_EOL .
|
||||||
|
"Total Time: {$diff->getDiffString()}" . PHP_EOL;
|
||||||
|
|
||||||
|
sleep(3);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (is_a($diff->getTotalDiff(), 'DateInterval')) {
|
||||||
|
print "Total Script Time: {$diff->getTotalDiffString()}" . PHP_EOL;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Function to download the latest STIG compilation library zip file for extraction and updating
|
||||||
|
*/
|
||||||
|
function getStigLibrary()
|
||||||
|
{
|
||||||
|
global $current_date, $cmd, $log, $db;
|
||||||
|
$path = TMP;
|
||||||
|
|
||||||
|
$mon = '01';
|
||||||
|
$prev_mon = '10';
|
||||||
|
$year = (int) $current_date->format("Y");
|
||||||
|
|
||||||
|
if (between($current_date->format("n"), 4, 6)) {
|
||||||
|
$mon = '04';
|
||||||
|
$prev_mon = '01';
|
||||||
|
}
|
||||||
|
elseif (between($current_date->format("n"), 7, 9)) {
|
||||||
|
$mon = '07';
|
||||||
|
$prev_mon = '04';
|
||||||
|
}
|
||||||
|
elseif (between($current_date->format("n"), 10, 12)) {
|
||||||
|
$mon = '10';
|
||||||
|
$prev_mon = '07';
|
||||||
|
}
|
||||||
|
|
||||||
$current_url = "http://iasecontent.disa.mil/stigs/zip/Compilations/U_SRG-STIG_Library_{$year}_{$mon}.zip";
|
$current_url = "http://iasecontent.disa.mil/stigs/zip/Compilations/U_SRG-STIG_Library_{$year}_{$mon}.zip";
|
||||||
$current_v2_url = "http://iasecontent.disa.mil/stigs/zip/Compilations/U_SRG-STIG_Library_{$year}_{$mon}_v2.zip";
|
$current_v2_url = "http://iasecontent.disa.mil/stigs/zip/Compilations/U_SRG-STIG_Library_{$year}_{$mon}_v2.zip";
|
||||||
|
|
||||||
@ -671,109 +800,6 @@ if (isset($cmd['stig'])) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!isset($cmd['do']) || isset($cmd['po'])) {
|
|
||||||
$stig_files = array_merge(
|
|
||||||
glob("{$path}/*.zip"), glob("{$path}/*.xml"), glob(TMP . "/*.zip"), glob(TMP . "/*.xml"), glob(TMP . "/stigs/xml/*.xml")
|
|
||||||
);
|
|
||||||
if (!file_exists($stig_fname) && !count($stig_files)) {
|
|
||||||
die("Could not locate $stig_fname or find any other zip files in " . realpath(TMP));
|
|
||||||
}
|
|
||||||
|
|
||||||
$script = realpath(defined('PHP_BIN') ? PHP_BIN : PHP) .
|
|
||||||
" -c " . realpath(PHP_CONF) .
|
|
||||||
" -f " . realpath(DOC_ROOT . "/exec/background_stigs.php") . " --" .
|
|
||||||
(isset($cmd['exclude']) && $cmd['exclude'] ? " --exclude=\"{$cmd['exclude']}\"" : "") .
|
|
||||||
" --delete";
|
|
||||||
|
|
||||||
$log->debug("Script to run $script");
|
|
||||||
passthru($script);
|
|
||||||
}
|
|
||||||
|
|
||||||
$db->help->select_count("sagacity.stigs");
|
|
||||||
$stig_count = $db->help->execute();
|
|
||||||
|
|
||||||
$db->set_Setting("stig-count", $stig_count);
|
|
||||||
|
|
||||||
$diff->stopClock();
|
|
||||||
|
|
||||||
print PHP_EOL . "Finished at {$diff->getEndClockTime()}" . PHP_EOL .
|
|
||||||
"Total Time: {$diff->getDiffString()}" . PHP_EOL;
|
|
||||||
|
|
||||||
sleep(3);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Update Sunset STIG library from DISA content
|
|
||||||
*/
|
|
||||||
if (isset($cmd['sunset'])) {
|
|
||||||
$db->set_Setting_Array([
|
|
||||||
'stig-dl-progress' => 0,
|
|
||||||
'stig-progress' => 0,
|
|
||||||
'stig-count' => 0
|
|
||||||
]);
|
|
||||||
$path = TMP . "/stigs/zip";
|
|
||||||
check_path($path);
|
|
||||||
$sunset_array = [];
|
|
||||||
|
|
||||||
$diff->resetClock();
|
|
||||||
print "Started Sunset STIG ingestion ({$diff->getStartClockTime()})" . PHP_EOL;
|
|
||||||
|
|
||||||
$sunset_url="https://iase.disa.mil/stigs/Lists/Sunset%20Master%20List/FinalView.aspx";
|
|
||||||
|
|
||||||
if (ping("disa.mil") && !isset($cmd['po'])) {
|
|
||||||
$log->debug("Checking for $sunset_url");
|
|
||||||
if ($found = url_exists($sunset_url)) {
|
|
||||||
$contents=file_get_contents($sunset_url);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!$found) {
|
|
||||||
$log->debug("Unable to download $sunset_url, aborting Sunset");
|
|
||||||
die("Unable to open $sunset_url, aborting Sunset");
|
|
||||||
}
|
|
||||||
|
|
||||||
preg_match_all("/a href=\"([^ ]+zip\/U_[^ ]+STIG\.zip)/", $contents, $sunset_array);
|
|
||||||
|
|
||||||
foreach($sunset_array[1] as $url) {
|
|
||||||
$sunset_fname = basename($url);
|
|
||||||
download_file($url, "{$path}/$sunset_fname");
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!isset($cmd['do']) || isset($cmd['po'])) {
|
|
||||||
$stig_files = array_merge(
|
|
||||||
glob("{$path}/*.zip"), glob("{$path}/*.xml"),
|
|
||||||
glob(TMP . "/*.zip"), glob(TMP . "/*.xml"), glob(TMP . "/stigs/xml/*.xml")
|
|
||||||
);
|
|
||||||
if (!count($stig_files)) {
|
|
||||||
die("Could not find any other zip files in " . realpath(TMP));
|
|
||||||
}
|
|
||||||
|
|
||||||
$script = realpath(defined('PHP_BIN') ? PHP_BIN : PHP) .
|
|
||||||
" -c " . realpath(PHP_CONF) .
|
|
||||||
" -f " . realpath(DOC_ROOT . "/exec/background_stigs.php") . " --" .
|
|
||||||
(isset($cmd['exclude']) && $cmd['exclude'] ? " --exclude=\"{$cmd['exclude']}\"" : "") .
|
|
||||||
" --delete";
|
|
||||||
|
|
||||||
$log->debug("Script to run $script");
|
|
||||||
passthru($script);
|
|
||||||
}
|
|
||||||
|
|
||||||
$db->help->select_count("sagacity.stigs");
|
|
||||||
$stig_count = $db->help->execute();
|
|
||||||
|
|
||||||
$db->set_Setting("stig-count", $stig_count);
|
|
||||||
|
|
||||||
$diff->stopClock();
|
|
||||||
|
|
||||||
print PHP_EOL . "Finished at {$diff->getEndClockTime()}" . PHP_EOL .
|
|
||||||
"Total Time: {$diff->getDiffString()}" . PHP_EOL;
|
|
||||||
|
|
||||||
sleep(3);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (is_a($diff->getTotalDiff(), 'DateInterval')) {
|
|
||||||
print "Total Script Time: {$diff->getTotalDiffString()}" . PHP_EOL;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -793,7 +819,6 @@ Usage: php update_db.php [--cpe] [--cve] [--nvd] [--nasl] [--stig] [-u={URL}] [-
|
|||||||
--nasl To download OpenVAS NVT library and update NASL files
|
--nasl To download OpenVAS NVT library and update NASL files
|
||||||
You can also extract *.nasl files from the Nessus library to $tmp/nessus_plugins and it will include these in the update
|
You can also extract *.nasl files from the Nessus library to $tmp/nessus_plugins and it will include these in the update
|
||||||
--stig To download and update the STIG library
|
--stig To download and update the STIG library
|
||||||
--sunset To download and update the STIG library with the STIGs DISA has archived
|
|
||||||
|
|
||||||
--do To download the files only...do not call the parsers will overwrite any existing files
|
--do To download the files only...do not call the parsers will overwrite any existing files
|
||||||
--po To parse the downloaded files only, do not download
|
--po To parse the downloaded files only, do not download
|
||||||
|
BIN
img/scan_types/echecklist-failed.png
Normal file
BIN
img/scan_types/echecklist-failed.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 19 KiB |
@ -15,6 +15,8 @@
|
|||||||
* - Apr 29, 2018 - Changed default message and formatting
|
* - Apr 29, 2018 - Changed default message and formatting
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
$files = glob(TMP . "/*.*");
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
||||||
<div id="import" class="box">
|
<div id="import" class="box">
|
||||||
@ -112,6 +114,12 @@
|
|||||||
</form>
|
</form>
|
||||||
|
|
||||||
<div style='margin-left: 20px;'>
|
<div style='margin-left: 20px;'>
|
||||||
|
<?php
|
||||||
|
if(is_array($files) && count($files)) {
|
||||||
|
natsort($files);
|
||||||
|
print "<span style='background-color:red;color:white;font-size:16px;' title='" . implode("\n", $files) . "'>NOTE: There are still files in the " . realpath(TMP) . " directory (mouse over to see)</span><br />";
|
||||||
|
}
|
||||||
|
?>
|
||||||
<input type='text' id='location' placeholder='Physical Location...' /><br />
|
<input type='text' id='location' placeholder='Physical Location...' /><br />
|
||||||
<input type='button' class='button' id='add-scan' value='Add Scan Result' onclick='add_scans();' /><br />
|
<input type='button' class='button' id='add-scan' value='Add Scan Result' onclick='add_scans();' /><br />
|
||||||
<label for='ignore_hidden' id='ignore_label'>Ignore Hidden Tabs in Excel eChecklists</label>
|
<label for='ignore_hidden' id='ignore_label'>Ignore Hidden Tabs in Excel eChecklists</label>
|
||||||
|
@ -103,6 +103,10 @@ class Array2XML {
|
|||||||
//return from recursion, as a note with cdata cannot have child nodes.
|
//return from recursion, as a note with cdata cannot have child nodes.
|
||||||
return $node;
|
return $node;
|
||||||
}
|
}
|
||||||
|
elseif(isset($arr['@comment']) && is_string($arr['@comment'])) {
|
||||||
|
$node->appendChild($xml->createComment(self::bool2str($arr['@comment'])));
|
||||||
|
unset($arr['@comment']);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
//create subnodes using recursion
|
//create subnodes using recursion
|
||||||
|
@ -4,7 +4,8 @@
|
|||||||
"cocur/background-process" : "~0.7",
|
"cocur/background-process" : "~0.7",
|
||||||
"tecnickcom/tcpdf" : "~6.2",
|
"tecnickcom/tcpdf" : "~6.2",
|
||||||
"pacificsec/cpe" : "1.0.1",
|
"pacificsec/cpe" : "1.0.1",
|
||||||
"monolog/monolog" : "~1.23"
|
"monolog/monolog" : "~1.23",
|
||||||
|
"openlss/lib-array2xml" : "~0.5"
|
||||||
},
|
},
|
||||||
"require-dev" : {
|
"require-dev" : {
|
||||||
"phpunit/phpunit" : "~7.3"
|
"phpunit/phpunit" : "~7.3"
|
||||||
|
123
inc/composer.lock
generated
123
inc/composer.lock
generated
@ -4,7 +4,7 @@
|
|||||||
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
|
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
|
||||||
"This file is @generated automatically"
|
"This file is @generated automatically"
|
||||||
],
|
],
|
||||||
"content-hash": "8bf5f4a76098ff9277648c58793a04b5",
|
"content-hash": "0cb5c8b41ce699cfddd3ad1295045652",
|
||||||
"packages": [
|
"packages": [
|
||||||
{
|
{
|
||||||
"name": "cocur/background-process",
|
"name": "cocur/background-process",
|
||||||
@ -46,16 +46,16 @@
|
|||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "markbaker/complex",
|
"name": "markbaker/complex",
|
||||||
"version": "1.4.6",
|
"version": "1.4.7",
|
||||||
"source": {
|
"source": {
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://github.com/MarkBaker/PHPComplex.git",
|
"url": "https://github.com/MarkBaker/PHPComplex.git",
|
||||||
"reference": "a78d82ae4e682c3809fc3023d1b0ce654f6ab12b"
|
"reference": "1ea674a8308baf547cbcbd30c5fcd6d301b7c000"
|
||||||
},
|
},
|
||||||
"dist": {
|
"dist": {
|
||||||
"type": "zip",
|
"type": "zip",
|
||||||
"url": "https://api.github.com/repos/MarkBaker/PHPComplex/zipball/a78d82ae4e682c3809fc3023d1b0ce654f6ab12b",
|
"url": "https://api.github.com/repos/MarkBaker/PHPComplex/zipball/1ea674a8308baf547cbcbd30c5fcd6d301b7c000",
|
||||||
"reference": "a78d82ae4e682c3809fc3023d1b0ce654f6ab12b",
|
"reference": "1ea674a8308baf547cbcbd30c5fcd6d301b7c000",
|
||||||
"shasum": ""
|
"shasum": ""
|
||||||
},
|
},
|
||||||
"require": {
|
"require": {
|
||||||
@ -137,7 +137,7 @@
|
|||||||
"complex",
|
"complex",
|
||||||
"mathematics"
|
"mathematics"
|
||||||
],
|
],
|
||||||
"time": "2018-07-31T08:38:40+00:00"
|
"time": "2018-10-13T23:28:42+00:00"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "monolog/monolog",
|
"name": "monolog/monolog",
|
||||||
@ -217,6 +217,55 @@
|
|||||||
],
|
],
|
||||||
"time": "2017-06-19T01:22:40+00:00"
|
"time": "2017-06-19T01:22:40+00:00"
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
"name": "openlss/lib-array2xml",
|
||||||
|
"version": "0.5.1",
|
||||||
|
"source": {
|
||||||
|
"type": "git",
|
||||||
|
"url": "https://github.com/nullivex/lib-array2xml.git",
|
||||||
|
"reference": "c8b5998a342d7861f2e921403f44e0a2f3ef2be0"
|
||||||
|
},
|
||||||
|
"dist": {
|
||||||
|
"type": "zip",
|
||||||
|
"url": "https://api.github.com/repos/nullivex/lib-array2xml/zipball/c8b5998a342d7861f2e921403f44e0a2f3ef2be0",
|
||||||
|
"reference": "c8b5998a342d7861f2e921403f44e0a2f3ef2be0",
|
||||||
|
"shasum": ""
|
||||||
|
},
|
||||||
|
"require": {
|
||||||
|
"php": ">=5.3.2"
|
||||||
|
},
|
||||||
|
"type": "library",
|
||||||
|
"autoload": {
|
||||||
|
"psr-0": {
|
||||||
|
"LSS": ""
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"notification-url": "https://packagist.org/downloads/",
|
||||||
|
"license": [
|
||||||
|
"Apache-2.0"
|
||||||
|
],
|
||||||
|
"authors": [
|
||||||
|
{
|
||||||
|
"name": "Bryan Tong",
|
||||||
|
"email": "contact@nullivex.com",
|
||||||
|
"homepage": "http://bryantong.com"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "Tony Butler",
|
||||||
|
"email": "spudz76@gmail.com",
|
||||||
|
"homepage": "http://openlss.org"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"description": "Array2XML conversion library credit to lalit.org",
|
||||||
|
"homepage": "http://openlss.org",
|
||||||
|
"keywords": [
|
||||||
|
"array",
|
||||||
|
"array conversion",
|
||||||
|
"xml",
|
||||||
|
"xml conversion"
|
||||||
|
],
|
||||||
|
"time": "2016-11-10T19:10:18+00:00"
|
||||||
|
},
|
||||||
{
|
{
|
||||||
"name": "pacificsec/cpe",
|
"name": "pacificsec/cpe",
|
||||||
"version": "1.0.1",
|
"version": "1.0.1",
|
||||||
@ -262,16 +311,16 @@
|
|||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "phpoffice/phpspreadsheet",
|
"name": "phpoffice/phpspreadsheet",
|
||||||
"version": "1.4.0",
|
"version": "1.4.1",
|
||||||
"source": {
|
"source": {
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://github.com/PHPOffice/PhpSpreadsheet.git",
|
"url": "https://github.com/PHPOffice/PhpSpreadsheet.git",
|
||||||
"reference": "125f462a718956f37d81305ca0df4f17cef0f3b9"
|
"reference": "57404f43742a8164b5eac3ab03b962d8740885c1"
|
||||||
},
|
},
|
||||||
"dist": {
|
"dist": {
|
||||||
"type": "zip",
|
"type": "zip",
|
||||||
"url": "https://api.github.com/repos/PHPOffice/PhpSpreadsheet/zipball/125f462a718956f37d81305ca0df4f17cef0f3b9",
|
"url": "https://api.github.com/repos/PHPOffice/PhpSpreadsheet/zipball/57404f43742a8164b5eac3ab03b962d8740885c1",
|
||||||
"reference": "125f462a718956f37d81305ca0df4f17cef0f3b9",
|
"reference": "57404f43742a8164b5eac3ab03b962d8740885c1",
|
||||||
"shasum": ""
|
"shasum": ""
|
||||||
},
|
},
|
||||||
"require": {
|
"require": {
|
||||||
@ -304,7 +353,7 @@
|
|||||||
"dompdf/dompdf": "Option for rendering PDF with PDF Writer",
|
"dompdf/dompdf": "Option for rendering PDF with PDF Writer",
|
||||||
"jpgraph/jpgraph": "Option for rendering charts, or including charts with PDF or HTML Writers",
|
"jpgraph/jpgraph": "Option for rendering charts, or including charts with PDF or HTML Writers",
|
||||||
"mpdf/mpdf": "Option for rendering PDF with PDF Writer",
|
"mpdf/mpdf": "Option for rendering PDF with PDF Writer",
|
||||||
"tecnick.com/tcpdf": "Option for rendering PDF with PDF Writer"
|
"tecnickcom/tcpdf": "Option for rendering PDF with PDF Writer"
|
||||||
},
|
},
|
||||||
"type": "library",
|
"type": "library",
|
||||||
"autoload": {
|
"autoload": {
|
||||||
@ -345,7 +394,7 @@
|
|||||||
"xls",
|
"xls",
|
||||||
"xlsx"
|
"xlsx"
|
||||||
],
|
],
|
||||||
"time": "2018-08-06T02:58:06+00:00"
|
"time": "2018-09-30T03:57:24+00:00"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "psr/log",
|
"name": "psr/log",
|
||||||
@ -444,16 +493,16 @@
|
|||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "tecnickcom/tcpdf",
|
"name": "tecnickcom/tcpdf",
|
||||||
"version": "6.2.22",
|
"version": "6.2.26",
|
||||||
"source": {
|
"source": {
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://github.com/tecnickcom/TCPDF.git",
|
"url": "https://github.com/tecnickcom/TCPDF.git",
|
||||||
"reference": "ac6e92fccc7d9383dfd787056831349621b1aca2"
|
"reference": "367241059ca166e3a76490f4448c284e0a161f15"
|
||||||
},
|
},
|
||||||
"dist": {
|
"dist": {
|
||||||
"type": "zip",
|
"type": "zip",
|
||||||
"url": "https://api.github.com/repos/tecnickcom/TCPDF/zipball/ac6e92fccc7d9383dfd787056831349621b1aca2",
|
"url": "https://api.github.com/repos/tecnickcom/TCPDF/zipball/367241059ca166e3a76490f4448c284e0a161f15",
|
||||||
"reference": "ac6e92fccc7d9383dfd787056831349621b1aca2",
|
"reference": "367241059ca166e3a76490f4448c284e0a161f15",
|
||||||
"shasum": ""
|
"shasum": ""
|
||||||
},
|
},
|
||||||
"require": {
|
"require": {
|
||||||
@ -502,7 +551,7 @@
|
|||||||
"pdf417",
|
"pdf417",
|
||||||
"qrcode"
|
"qrcode"
|
||||||
],
|
],
|
||||||
"time": "2018-09-14T15:26:29+00:00"
|
"time": "2018-10-16T17:24:05+00:00"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"packages-dev": [
|
"packages-dev": [
|
||||||
@ -927,16 +976,16 @@
|
|||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "phpunit/php-code-coverage",
|
"name": "phpunit/php-code-coverage",
|
||||||
"version": "6.0.7",
|
"version": "6.1.0",
|
||||||
"source": {
|
"source": {
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://github.com/sebastianbergmann/php-code-coverage.git",
|
"url": "https://github.com/sebastianbergmann/php-code-coverage.git",
|
||||||
"reference": "865662550c384bc1db7e51d29aeda1c2c161d69a"
|
"reference": "0685fb6a43aed1b2e09804d1aaf17144c82861f8"
|
||||||
},
|
},
|
||||||
"dist": {
|
"dist": {
|
||||||
"type": "zip",
|
"type": "zip",
|
||||||
"url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/865662550c384bc1db7e51d29aeda1c2c161d69a",
|
"url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/0685fb6a43aed1b2e09804d1aaf17144c82861f8",
|
||||||
"reference": "865662550c384bc1db7e51d29aeda1c2c161d69a",
|
"reference": "0685fb6a43aed1b2e09804d1aaf17144c82861f8",
|
||||||
"shasum": ""
|
"shasum": ""
|
||||||
},
|
},
|
||||||
"require": {
|
"require": {
|
||||||
@ -960,7 +1009,7 @@
|
|||||||
"type": "library",
|
"type": "library",
|
||||||
"extra": {
|
"extra": {
|
||||||
"branch-alias": {
|
"branch-alias": {
|
||||||
"dev-master": "6.0-dev"
|
"dev-master": "6.1-dev"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"autoload": {
|
"autoload": {
|
||||||
@ -986,7 +1035,7 @@
|
|||||||
"testing",
|
"testing",
|
||||||
"xunit"
|
"xunit"
|
||||||
],
|
],
|
||||||
"time": "2018-06-01T07:51:50+00:00"
|
"time": "2018-10-16T05:37:37+00:00"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "phpunit/php-file-iterator",
|
"name": "phpunit/php-file-iterator",
|
||||||
@ -1179,16 +1228,16 @@
|
|||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "phpunit/phpunit",
|
"name": "phpunit/phpunit",
|
||||||
"version": "7.3.5",
|
"version": "7.4.0",
|
||||||
"source": {
|
"source": {
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://github.com/sebastianbergmann/phpunit.git",
|
"url": "https://github.com/sebastianbergmann/phpunit.git",
|
||||||
"reference": "7b331efabbb628c518c408fdfcaf571156775de2"
|
"reference": "f3837fa1e07758057ae06e8ddec6d06ba183f126"
|
||||||
},
|
},
|
||||||
"dist": {
|
"dist": {
|
||||||
"type": "zip",
|
"type": "zip",
|
||||||
"url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/7b331efabbb628c518c408fdfcaf571156775de2",
|
"url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/f3837fa1e07758057ae06e8ddec6d06ba183f126",
|
||||||
"reference": "7b331efabbb628c518c408fdfcaf571156775de2",
|
"reference": "f3837fa1e07758057ae06e8ddec6d06ba183f126",
|
||||||
"shasum": ""
|
"shasum": ""
|
||||||
},
|
},
|
||||||
"require": {
|
"require": {
|
||||||
@ -1213,7 +1262,7 @@
|
|||||||
"sebastian/exporter": "^3.1",
|
"sebastian/exporter": "^3.1",
|
||||||
"sebastian/global-state": "^2.0",
|
"sebastian/global-state": "^2.0",
|
||||||
"sebastian/object-enumerator": "^3.0.3",
|
"sebastian/object-enumerator": "^3.0.3",
|
||||||
"sebastian/resource-operations": "^1.0",
|
"sebastian/resource-operations": "^2.0",
|
||||||
"sebastian/version": "^2.0.1"
|
"sebastian/version": "^2.0.1"
|
||||||
},
|
},
|
||||||
"conflict": {
|
"conflict": {
|
||||||
@ -1233,7 +1282,7 @@
|
|||||||
"type": "library",
|
"type": "library",
|
||||||
"extra": {
|
"extra": {
|
||||||
"branch-alias": {
|
"branch-alias": {
|
||||||
"dev-master": "7.3-dev"
|
"dev-master": "7.4-dev"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"autoload": {
|
"autoload": {
|
||||||
@ -1259,7 +1308,7 @@
|
|||||||
"testing",
|
"testing",
|
||||||
"xunit"
|
"xunit"
|
||||||
],
|
],
|
||||||
"time": "2018-09-08T15:14:29+00:00"
|
"time": "2018-10-05T04:05:24+00:00"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "sebastian/code-unit-reverse-lookup",
|
"name": "sebastian/code-unit-reverse-lookup",
|
||||||
@ -1741,25 +1790,25 @@
|
|||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "sebastian/resource-operations",
|
"name": "sebastian/resource-operations",
|
||||||
"version": "1.0.0",
|
"version": "2.0.1",
|
||||||
"source": {
|
"source": {
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://github.com/sebastianbergmann/resource-operations.git",
|
"url": "https://github.com/sebastianbergmann/resource-operations.git",
|
||||||
"reference": "ce990bb21759f94aeafd30209e8cfcdfa8bc3f52"
|
"reference": "4d7a795d35b889bf80a0cc04e08d77cedfa917a9"
|
||||||
},
|
},
|
||||||
"dist": {
|
"dist": {
|
||||||
"type": "zip",
|
"type": "zip",
|
||||||
"url": "https://api.github.com/repos/sebastianbergmann/resource-operations/zipball/ce990bb21759f94aeafd30209e8cfcdfa8bc3f52",
|
"url": "https://api.github.com/repos/sebastianbergmann/resource-operations/zipball/4d7a795d35b889bf80a0cc04e08d77cedfa917a9",
|
||||||
"reference": "ce990bb21759f94aeafd30209e8cfcdfa8bc3f52",
|
"reference": "4d7a795d35b889bf80a0cc04e08d77cedfa917a9",
|
||||||
"shasum": ""
|
"shasum": ""
|
||||||
},
|
},
|
||||||
"require": {
|
"require": {
|
||||||
"php": ">=5.6.0"
|
"php": "^7.1"
|
||||||
},
|
},
|
||||||
"type": "library",
|
"type": "library",
|
||||||
"extra": {
|
"extra": {
|
||||||
"branch-alias": {
|
"branch-alias": {
|
||||||
"dev-master": "1.0.x-dev"
|
"dev-master": "2.0-dev"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"autoload": {
|
"autoload": {
|
||||||
@ -1779,7 +1828,7 @@
|
|||||||
],
|
],
|
||||||
"description": "Provides a list of PHP built-in functions that operate on resources",
|
"description": "Provides a list of PHP built-in functions that operate on resources",
|
||||||
"homepage": "https://www.github.com/sebastianbergmann/resource-operations",
|
"homepage": "https://www.github.com/sebastianbergmann/resource-operations",
|
||||||
"time": "2015-07-28T20:34:47+00:00"
|
"time": "2018-10-04T04:07:39+00:00"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "sebastian/version",
|
"name": "sebastian/version",
|
||||||
|
7800
inc/database.inc
7800
inc/database.inc
File diff suppressed because it is too large
Load Diff
@ -26,7 +26,7 @@
|
|||||||
?>
|
?>
|
||||||
|
|
||||||
<div id='copyright-text'>
|
<div id='copyright-text'>
|
||||||
<p>Portions Copyright © 2016-2018 Cyber Perspective, LLC All rights reserved.</p>
|
<p>Portions Copyright © 2016-2018 Cyber Perspectives, LLC All rights reserved.</p>
|
||||||
<p>Portions Copyright © 2012-2015 Salient Federal Solutions</p>
|
<p>Portions Copyright © 2012-2015 Salient Federal Solutions</p>
|
||||||
<p>Portions Copyright © 2008-2011 Science Applications International Corp.</p>
|
<p>Portions Copyright © 2008-2011 Science Applications International Corp.</p>
|
||||||
</div>
|
</div>
|
||||||
|
@ -242,6 +242,9 @@ function FileDetection($filename)
|
|||||||
if (preg_match('/Checklist:|Unclassified|Secret|STIG[_| ]ID/i', $line)) {
|
if (preg_match('/Checklist:|Unclassified|Secret|STIG[_| ]ID/i', $line)) {
|
||||||
$name['type'] = ECHECKLIST_CSV;
|
$name['type'] = ECHECKLIST_CSV;
|
||||||
}
|
}
|
||||||
|
elseif (preg_match("/host\-list/", $name['base_name'])) {
|
||||||
|
$name['type'] = HOST_LIST;
|
||||||
|
}
|
||||||
elseif (preg_match('/^\"NetBIOSName|^\"JobName/', $line)) {
|
elseif (preg_match('/^\"NetBIOSName|^\"JobName/', $line)) {
|
||||||
$name['type'] = UNSUPPORTED_RETINA_CSV;
|
$name['type'] = UNSUPPORTED_RETINA_CSV;
|
||||||
}
|
}
|
||||||
@ -831,7 +834,7 @@ function logify($fname)
|
|||||||
touch(LOG_PATH . "/{$fname}.log");
|
touch(LOG_PATH . "/{$fname}.log");
|
||||||
}
|
}
|
||||||
|
|
||||||
return LOG_PATH . "/{$fname}.log";
|
return realpath(LOG_PATH . "/{$fname}.log");
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -852,3 +855,29 @@ function convert_log_level()
|
|||||||
return Logger::ERROR;
|
return Logger::ERROR;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Helper method to scrape a web page
|
||||||
|
*
|
||||||
|
* @param string $url
|
||||||
|
*
|
||||||
|
* @return string
|
||||||
|
*/
|
||||||
|
function scrape_webpage($url)
|
||||||
|
{
|
||||||
|
$config = [
|
||||||
|
CURLOPT_RETURNTRANSFER => true,
|
||||||
|
CURLOPT_FOLLOWLOCATION => true,
|
||||||
|
CURLOPT_HEADER => true,
|
||||||
|
CURLOPT_SSL_VERIFYPEER => false,
|
||||||
|
CURLOPT_USERAGENT => 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.13) Gecko/20080311 Firefox/2.0.0.13',
|
||||||
|
CURLOPT_URL => $url
|
||||||
|
];
|
||||||
|
$c = curl_init();
|
||||||
|
|
||||||
|
curl_setopt_array($c, $config);
|
||||||
|
|
||||||
|
$output = curl_exec($c);
|
||||||
|
|
||||||
|
return $output;
|
||||||
|
}
|
||||||
|
179
inc/menu.inc
179
inc/menu.inc
@ -33,116 +33,117 @@ $report = '';
|
|||||||
$script_name = filter_input(INPUT_SERVER, 'SCRIPT_NAME', FILTER_SANITIZE_STRING);
|
$script_name = filter_input(INPUT_SERVER, 'SCRIPT_NAME', FILTER_SANITIZE_STRING);
|
||||||
|
|
||||||
if (preg_match('/ste|proc/', $script_name)) {
|
if (preg_match('/ste|proc/', $script_name)) {
|
||||||
$ops = " class='active'";
|
$ops = " class='active'";
|
||||||
}
|
} elseif (preg_match('/results/', $script_name)) {
|
||||||
elseif (preg_match('/results/', $script_name)) {
|
$results = " class='active'";
|
||||||
$results = " class='active'";
|
} elseif (preg_match('/data/', $script_name)) {
|
||||||
}
|
$data = " class='active'";
|
||||||
elseif (preg_match('/data/', $script_name)) {
|
} elseif (preg_match('/report/', $script_name)) {
|
||||||
$data = " class='active'";
|
$report = " class='active'";
|
||||||
}
|
|
||||||
elseif (preg_match('/report/', $script_name)) {
|
|
||||||
$report = " class='active'";
|
|
||||||
}
|
}
|
||||||
?>
|
?>
|
||||||
|
|
||||||
<script type='text/javascript'>
|
<script type='text/javascript'>
|
||||||
$(function () {
|
$(function () {
|
||||||
window.onload = montre;
|
window.onload = montre;
|
||||||
});
|
});
|
||||||
|
|
||||||
function montre(id) {
|
function montre(id) {
|
||||||
$("dd[id^='smenu']").hide();
|
$("dd[id^='smenu']").hide();
|
||||||
if (id && typeof id == 'string') {
|
if (id && typeof id == 'string') {
|
||||||
$('#' + id).show();
|
$('#' + id).show();
|
||||||
|
var ele = $('#' + id).parent().children('dt');
|
||||||
|
$('#' + id).css('left', ele.position().left + ele.width());
|
||||||
|
$('#' + id).css('top', ele.position().top + ele.height());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
</script>
|
</script>
|
||||||
|
|
||||||
<style type="text/css">
|
<style type="text/css">
|
||||||
dl, dt, dd, ul, li {
|
dl, dt, dd, ul, li {
|
||||||
margin: 0;
|
margin: 0;
|
||||||
padding: 0;
|
padding: 0;
|
||||||
list-style-type: none;
|
list-style-type: none;
|
||||||
z-index: 100;
|
z-index: 100;
|
||||||
}
|
}
|
||||||
#menu {
|
|
||||||
width: 25px;
|
|
||||||
display: table-cell;
|
|
||||||
}
|
|
||||||
|
|
||||||
#menu dt {
|
#menu {
|
||||||
cursor: pointer;
|
width: 25px;
|
||||||
text-align: center;
|
display: table-cell;
|
||||||
font-weight: bold;
|
}
|
||||||
}
|
|
||||||
|
|
||||||
#menu dd {
|
#menu dt {
|
||||||
position: fixed;
|
cursor: pointer;
|
||||||
z-index: 100;
|
text-align: center;
|
||||||
width: 10em;
|
font-weight: bold;
|
||||||
background: #B4B2B2;
|
}
|
||||||
border: 1px solid gray;
|
|
||||||
}
|
|
||||||
|
|
||||||
#menu ul {
|
#menu dd {
|
||||||
padding: 2px;
|
position: fixed;
|
||||||
}
|
z-index: 100;
|
||||||
#menu li {
|
width: 10em;
|
||||||
text-align: center;
|
background: #B4B2B2;
|
||||||
font-size: 85%;
|
border: 1px solid gray;
|
||||||
height: 18px;
|
}
|
||||||
line-height: 18px;
|
|
||||||
}
|
|
||||||
#menu li a, #menu dt a {
|
|
||||||
color: #000;
|
|
||||||
text-decoration: none;
|
|
||||||
display: block;
|
|
||||||
}
|
|
||||||
|
|
||||||
#menu li a:hover {
|
#menu ul {
|
||||||
text-decoration: underline;
|
padding: 2px;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#menu li {
|
||||||
|
text-align: center;
|
||||||
|
font-size: 85%;
|
||||||
|
height: 18px;
|
||||||
|
line-height: 18px;
|
||||||
|
}
|
||||||
|
|
||||||
|
#menu li a, #menu dt a {
|
||||||
|
color: #000;
|
||||||
|
text-decoration: none;
|
||||||
|
display: block;
|
||||||
|
}
|
||||||
|
|
||||||
|
#menu li a:hover {
|
||||||
|
text-decoration: underline;
|
||||||
|
}
|
||||||
</style>
|
</style>
|
||||||
|
|
||||||
<ul id="menu-bar">
|
<ul id="menu-bar">
|
||||||
<li<?php print $ops; ?>><a href="javascript:void(0);">Operations</a>
|
<li <?php print $ops; ?>><a href="javascript:void(0);">Operations</a>
|
||||||
<ul>
|
<ul>
|
||||||
<li><a href="/ste">ST&E Operations</a></li>
|
<li><a href="/ste">ST&E Operations</a></li>
|
||||||
<li><a href='/ste/stats.php'>Stats</a></li>
|
<li><a href='/ste/stats.php'>Stats</a></li>
|
||||||
<?php if (file_exists(DOC_ROOT . "/proc")) { ?>
|
<?php if (file_exists(DOC_ROOT . "/proc")) { ?>
|
||||||
<li><a href = "/proc">Procedural Operations</a></li>
|
<li><a href="/proc">Procedural Operations</a></li>
|
||||||
<?php } ?>
|
<?php } ?>
|
||||||
</ul>
|
</ul></li>
|
||||||
</li>
|
<li <?php print $results; ?>><a href="javascript:void(0);">Scans</a>
|
||||||
<li<?php print $results; ?>><a href="javascript:void(0);">Scans</a>
|
<ul>
|
||||||
<ul>
|
<li><a href="/results">Results</a></li>
|
||||||
<li><a href="/results">Results</a></li>
|
<li><a href="/results/?add_scan=1">Add Scan</a></li>
|
||||||
<li><a href="/results/?add_scan=1">Add Scan</a></li>
|
</ul></li>
|
||||||
</ul>
|
|
||||||
</li>
|
|
||||||
<?php if (file_exists(DOC_ROOT . "/report")) { ?>
|
<?php if (file_exists(DOC_ROOT . "/report")) { ?>
|
||||||
<li<?php print $report; ?>><a href="javascript:void(0);">Report</a>
|
<li <?php print $report; ?>><a href="javascript:void(0);">Report</a>
|
||||||
<ul>
|
<ul>
|
||||||
<li><a href="/report/sanity.php?step=1">Sanity Check</a></li>
|
<li><a href="/report/sanity.php?step=1">Sanity Check</a></li>
|
||||||
<li><a href="/report/create.php">Create Risk Assessment</a></li>
|
<li><a href="/report/create.php">Create Risk Assessment</a></li>
|
||||||
</ul>
|
</ul></li>
|
||||||
</li>
|
|
||||||
<?php } ?>
|
<?php } ?>
|
||||||
<li<?php print $data; ?>><a href="javascript:void(0);">Management</a>
|
<li <?php print $data; ?>><a href="javascript:void(0);">Management</a>
|
||||||
<ul>
|
<ul>
|
||||||
<li><a href="/data/?p=MSMgmt">Systems</a></li>
|
<li><a href="/data/?p=MSMgmt">Systems</a></li>
|
||||||
<li><a href="/data/?p=SiteMgmt">Sites</a></li>
|
<li><a href="/data/?p=SiteMgmt">Sites</a></li>
|
||||||
<li><a href="/data/?p=STEMgmt">ST&E</a></li>
|
<li><a href="/data/?p=STEMgmt">ST&E</a></li>
|
||||||
<li><a href="/data/?p=CatMgmt">Catalog</a></li>
|
<li><a href="/data/?p=CatMgmt">Catalog</a></li>
|
||||||
<li><a href="/data/?p=Settings">Settings</a></li>
|
<li><a href="/data/?p=Settings">Settings</a></li>
|
||||||
<li><a href="/data/?p=Search">Search</a></li>
|
<li><a href="/data/?p=Search">Search</a></li>
|
||||||
<li><a href="/data/?p=TgtSearch">Target Search</a></li>
|
<li><a href="/data/?p=TgtSearch">Target Search</a></li>
|
||||||
</ul>
|
</ul></li>
|
||||||
</li>
|
<li>
|
||||||
<li>
|
<form method="post" action="/data/?p=Search" target="_blank"
|
||||||
<form method="post" action="/data/?p=Search" target="_blank" style="display:inline-block;">
|
style="display: inline-block;">
|
||||||
<input type="text" style="vertical-align:text-bottom;" name="q" placeholder="Search..." />
|
<input type="text" style="vertical-align: text-bottom;" name="q"
|
||||||
</form>
|
placeholder="Search..." />
|
||||||
</li>
|
</form>
|
||||||
|
</li>
|
||||||
</ul>
|
</ul>
|
||||||
|
2
inc/vendor/composer/ClassLoader.php
vendored
2
inc/vendor/composer/ClassLoader.php
vendored
@ -377,7 +377,7 @@ class ClassLoader
|
|||||||
$subPath = $class;
|
$subPath = $class;
|
||||||
while (false !== $lastPos = strrpos($subPath, '\\')) {
|
while (false !== $lastPos = strrpos($subPath, '\\')) {
|
||||||
$subPath = substr($subPath, 0, $lastPos);
|
$subPath = substr($subPath, 0, $lastPos);
|
||||||
$search = $subPath.'\\';
|
$search = $subPath . '\\';
|
||||||
if (isset($this->prefixDirsPsr4[$search])) {
|
if (isset($this->prefixDirsPsr4[$search])) {
|
||||||
$pathEnd = DIRECTORY_SEPARATOR . substr($logicalPathPsr4, $lastPos + 1);
|
$pathEnd = DIRECTORY_SEPARATOR . substr($logicalPathPsr4, $lastPos + 1);
|
||||||
foreach ($this->prefixDirsPsr4[$search] as $dir) {
|
foreach ($this->prefixDirsPsr4[$search] as $dir) {
|
||||||
|
1
inc/vendor/composer/autoload_namespaces.php
vendored
1
inc/vendor/composer/autoload_namespaces.php
vendored
@ -6,4 +6,5 @@ $vendorDir = dirname(dirname(__FILE__));
|
|||||||
$baseDir = dirname($vendorDir);
|
$baseDir = dirname($vendorDir);
|
||||||
|
|
||||||
return array(
|
return array(
|
||||||
|
'LSS' => array($vendorDir . '/openlss/lib-array2xml'),
|
||||||
);
|
);
|
||||||
|
11
inc/vendor/composer/autoload_static.php
vendored
11
inc/vendor/composer/autoload_static.php
vendored
@ -101,6 +101,16 @@ class ComposerStaticInit69a0c53551ee5f4e61c53efb549e5e72
|
|||||||
),
|
),
|
||||||
);
|
);
|
||||||
|
|
||||||
|
public static $prefixesPsr0 = array (
|
||||||
|
'L' =>
|
||||||
|
array (
|
||||||
|
'LSS' =>
|
||||||
|
array (
|
||||||
|
0 => __DIR__ . '/..' . '/openlss/lib-array2xml',
|
||||||
|
),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
public static $classMap = array (
|
public static $classMap = array (
|
||||||
'Datamatrix' => __DIR__ . '/..' . '/tecnickcom/tcpdf/include/barcodes/datamatrix.php',
|
'Datamatrix' => __DIR__ . '/..' . '/tecnickcom/tcpdf/include/barcodes/datamatrix.php',
|
||||||
'PDF417' => __DIR__ . '/..' . '/tecnickcom/tcpdf/include/barcodes/pdf417.php',
|
'PDF417' => __DIR__ . '/..' . '/tecnickcom/tcpdf/include/barcodes/pdf417.php',
|
||||||
@ -123,6 +133,7 @@ class ComposerStaticInit69a0c53551ee5f4e61c53efb549e5e72
|
|||||||
return \Closure::bind(function () use ($loader) {
|
return \Closure::bind(function () use ($loader) {
|
||||||
$loader->prefixLengthsPsr4 = ComposerStaticInit69a0c53551ee5f4e61c53efb549e5e72::$prefixLengthsPsr4;
|
$loader->prefixLengthsPsr4 = ComposerStaticInit69a0c53551ee5f4e61c53efb549e5e72::$prefixLengthsPsr4;
|
||||||
$loader->prefixDirsPsr4 = ComposerStaticInit69a0c53551ee5f4e61c53efb549e5e72::$prefixDirsPsr4;
|
$loader->prefixDirsPsr4 = ComposerStaticInit69a0c53551ee5f4e61c53efb549e5e72::$prefixDirsPsr4;
|
||||||
|
$loader->prefixesPsr0 = ComposerStaticInit69a0c53551ee5f4e61c53efb549e5e72::$prefixesPsr0;
|
||||||
$loader->classMap = ComposerStaticInit69a0c53551ee5f4e61c53efb549e5e72::$classMap;
|
$loader->classMap = ComposerStaticInit69a0c53551ee5f4e61c53efb549e5e72::$classMap;
|
||||||
|
|
||||||
}, null, ClassLoader::class);
|
}, null, ClassLoader::class);
|
||||||
|
89
inc/vendor/composer/installed.json
vendored
89
inc/vendor/composer/installed.json
vendored
@ -41,17 +41,17 @@
|
|||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "markbaker/complex",
|
"name": "markbaker/complex",
|
||||||
"version": "1.4.6",
|
"version": "1.4.7",
|
||||||
"version_normalized": "1.4.6.0",
|
"version_normalized": "1.4.7.0",
|
||||||
"source": {
|
"source": {
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://github.com/MarkBaker/PHPComplex.git",
|
"url": "https://github.com/MarkBaker/PHPComplex.git",
|
||||||
"reference": "a78d82ae4e682c3809fc3023d1b0ce654f6ab12b"
|
"reference": "1ea674a8308baf547cbcbd30c5fcd6d301b7c000"
|
||||||
},
|
},
|
||||||
"dist": {
|
"dist": {
|
||||||
"type": "zip",
|
"type": "zip",
|
||||||
"url": "https://api.github.com/repos/MarkBaker/PHPComplex/zipball/a78d82ae4e682c3809fc3023d1b0ce654f6ab12b",
|
"url": "https://api.github.com/repos/MarkBaker/PHPComplex/zipball/1ea674a8308baf547cbcbd30c5fcd6d301b7c000",
|
||||||
"reference": "a78d82ae4e682c3809fc3023d1b0ce654f6ab12b",
|
"reference": "1ea674a8308baf547cbcbd30c5fcd6d301b7c000",
|
||||||
"shasum": ""
|
"shasum": ""
|
||||||
},
|
},
|
||||||
"require": {
|
"require": {
|
||||||
@ -67,7 +67,7 @@
|
|||||||
"sebastian/phpcpd": "2.*",
|
"sebastian/phpcpd": "2.*",
|
||||||
"squizlabs/php_codesniffer": "^3.3.0"
|
"squizlabs/php_codesniffer": "^3.3.0"
|
||||||
},
|
},
|
||||||
"time": "2018-07-31T08:38:40+00:00",
|
"time": "2018-10-13T23:28:42+00:00",
|
||||||
"type": "library",
|
"type": "library",
|
||||||
"installation-source": "dist",
|
"installation-source": "dist",
|
||||||
"autoload": {
|
"autoload": {
|
||||||
@ -216,6 +216,57 @@
|
|||||||
"psr-3"
|
"psr-3"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
"name": "openlss/lib-array2xml",
|
||||||
|
"version": "0.5.1",
|
||||||
|
"version_normalized": "0.5.1.0",
|
||||||
|
"source": {
|
||||||
|
"type": "git",
|
||||||
|
"url": "https://github.com/nullivex/lib-array2xml.git",
|
||||||
|
"reference": "c8b5998a342d7861f2e921403f44e0a2f3ef2be0"
|
||||||
|
},
|
||||||
|
"dist": {
|
||||||
|
"type": "zip",
|
||||||
|
"url": "https://api.github.com/repos/nullivex/lib-array2xml/zipball/c8b5998a342d7861f2e921403f44e0a2f3ef2be0",
|
||||||
|
"reference": "c8b5998a342d7861f2e921403f44e0a2f3ef2be0",
|
||||||
|
"shasum": ""
|
||||||
|
},
|
||||||
|
"require": {
|
||||||
|
"php": ">=5.3.2"
|
||||||
|
},
|
||||||
|
"time": "2016-11-10T19:10:18+00:00",
|
||||||
|
"type": "library",
|
||||||
|
"installation-source": "dist",
|
||||||
|
"autoload": {
|
||||||
|
"psr-0": {
|
||||||
|
"LSS": ""
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"notification-url": "https://packagist.org/downloads/",
|
||||||
|
"license": [
|
||||||
|
"Apache-2.0"
|
||||||
|
],
|
||||||
|
"authors": [
|
||||||
|
{
|
||||||
|
"name": "Bryan Tong",
|
||||||
|
"email": "contact@nullivex.com",
|
||||||
|
"homepage": "http://bryantong.com"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "Tony Butler",
|
||||||
|
"email": "spudz76@gmail.com",
|
||||||
|
"homepage": "http://openlss.org"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"description": "Array2XML conversion library credit to lalit.org",
|
||||||
|
"homepage": "http://openlss.org",
|
||||||
|
"keywords": [
|
||||||
|
"array",
|
||||||
|
"array conversion",
|
||||||
|
"xml",
|
||||||
|
"xml conversion"
|
||||||
|
]
|
||||||
|
},
|
||||||
{
|
{
|
||||||
"name": "pacificsec/cpe",
|
"name": "pacificsec/cpe",
|
||||||
"version": "1.0.1",
|
"version": "1.0.1",
|
||||||
@ -263,17 +314,17 @@
|
|||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "phpoffice/phpspreadsheet",
|
"name": "phpoffice/phpspreadsheet",
|
||||||
"version": "1.4.0",
|
"version": "1.4.1",
|
||||||
"version_normalized": "1.4.0.0",
|
"version_normalized": "1.4.1.0",
|
||||||
"source": {
|
"source": {
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://github.com/PHPOffice/PhpSpreadsheet.git",
|
"url": "https://github.com/PHPOffice/PhpSpreadsheet.git",
|
||||||
"reference": "125f462a718956f37d81305ca0df4f17cef0f3b9"
|
"reference": "57404f43742a8164b5eac3ab03b962d8740885c1"
|
||||||
},
|
},
|
||||||
"dist": {
|
"dist": {
|
||||||
"type": "zip",
|
"type": "zip",
|
||||||
"url": "https://api.github.com/repos/PHPOffice/PhpSpreadsheet/zipball/125f462a718956f37d81305ca0df4f17cef0f3b9",
|
"url": "https://api.github.com/repos/PHPOffice/PhpSpreadsheet/zipball/57404f43742a8164b5eac3ab03b962d8740885c1",
|
||||||
"reference": "125f462a718956f37d81305ca0df4f17cef0f3b9",
|
"reference": "57404f43742a8164b5eac3ab03b962d8740885c1",
|
||||||
"shasum": ""
|
"shasum": ""
|
||||||
},
|
},
|
||||||
"require": {
|
"require": {
|
||||||
@ -306,9 +357,9 @@
|
|||||||
"dompdf/dompdf": "Option for rendering PDF with PDF Writer",
|
"dompdf/dompdf": "Option for rendering PDF with PDF Writer",
|
||||||
"jpgraph/jpgraph": "Option for rendering charts, or including charts with PDF or HTML Writers",
|
"jpgraph/jpgraph": "Option for rendering charts, or including charts with PDF or HTML Writers",
|
||||||
"mpdf/mpdf": "Option for rendering PDF with PDF Writer",
|
"mpdf/mpdf": "Option for rendering PDF with PDF Writer",
|
||||||
"tecnick.com/tcpdf": "Option for rendering PDF with PDF Writer"
|
"tecnickcom/tcpdf": "Option for rendering PDF with PDF Writer"
|
||||||
},
|
},
|
||||||
"time": "2018-08-06T02:58:06+00:00",
|
"time": "2018-09-30T03:57:24+00:00",
|
||||||
"type": "library",
|
"type": "library",
|
||||||
"installation-source": "source",
|
"installation-source": "source",
|
||||||
"autoload": {
|
"autoload": {
|
||||||
@ -451,23 +502,23 @@
|
|||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "tecnickcom/tcpdf",
|
"name": "tecnickcom/tcpdf",
|
||||||
"version": "6.2.22",
|
"version": "6.2.26",
|
||||||
"version_normalized": "6.2.22.0",
|
"version_normalized": "6.2.26.0",
|
||||||
"source": {
|
"source": {
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://github.com/tecnickcom/TCPDF.git",
|
"url": "https://github.com/tecnickcom/TCPDF.git",
|
||||||
"reference": "ac6e92fccc7d9383dfd787056831349621b1aca2"
|
"reference": "367241059ca166e3a76490f4448c284e0a161f15"
|
||||||
},
|
},
|
||||||
"dist": {
|
"dist": {
|
||||||
"type": "zip",
|
"type": "zip",
|
||||||
"url": "https://api.github.com/repos/tecnickcom/TCPDF/zipball/ac6e92fccc7d9383dfd787056831349621b1aca2",
|
"url": "https://api.github.com/repos/tecnickcom/TCPDF/zipball/367241059ca166e3a76490f4448c284e0a161f15",
|
||||||
"reference": "ac6e92fccc7d9383dfd787056831349621b1aca2",
|
"reference": "367241059ca166e3a76490f4448c284e0a161f15",
|
||||||
"shasum": ""
|
"shasum": ""
|
||||||
},
|
},
|
||||||
"require": {
|
"require": {
|
||||||
"php": ">=5.3.0"
|
"php": ">=5.3.0"
|
||||||
},
|
},
|
||||||
"time": "2018-09-14T15:26:29+00:00",
|
"time": "2018-10-16T17:24:05+00:00",
|
||||||
"type": "library",
|
"type": "library",
|
||||||
"installation-source": "dist",
|
"installation-source": "dist",
|
||||||
"autoload": {
|
"autoload": {
|
||||||
|
1
inc/vendor/markbaker/complex/README.md
vendored
1
inc/vendor/markbaker/complex/README.md
vendored
@ -9,6 +9,7 @@ Master: [![Build Status](https://travis-ci.org/MarkBaker/PHPComplex.png?branch=m
|
|||||||
|
|
||||||
Develop: [![Build Status](https://travis-ci.org/MarkBaker/PHPComplex.png?branch=develop)](http://travis-ci.org/MarkBaker/PHPComplex)
|
Develop: [![Build Status](https://travis-ci.org/MarkBaker/PHPComplex.png?branch=develop)](http://travis-ci.org/MarkBaker/PHPComplex)
|
||||||
|
|
||||||
|
[![Complex Numbers](https://imgs.xkcd.com/comics/complex_numbers_2x.png)](https://xkcd.com/2028/)
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
|
@ -23,7 +23,7 @@ class Autoloader
|
|||||||
spl_autoload_register('__autoload');
|
spl_autoload_register('__autoload');
|
||||||
}
|
}
|
||||||
// Register ourselves with SPL
|
// Register ourselves with SPL
|
||||||
return spl_autoload_register(['Complex\Autoloader', 'Load']);
|
return spl_autoload_register(['Complex\\Autoloader', 'Load']);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -41,7 +41,7 @@ class Autoloader
|
|||||||
|
|
||||||
$pClassFilePath = __DIR__ . DIRECTORY_SEPARATOR .
|
$pClassFilePath = __DIR__ . DIRECTORY_SEPARATOR .
|
||||||
'src' . DIRECTORY_SEPARATOR .
|
'src' . DIRECTORY_SEPARATOR .
|
||||||
str_replace('Complex\\', '', $pClassName) .
|
str_replace(['Complex\\', '\\'], ['', '/'], $pClassName) .
|
||||||
'.php';
|
'.php';
|
||||||
|
|
||||||
if ((file_exists($pClassFilePath) === false) || (is_readable($pClassFilePath) === false)) {
|
if ((file_exists($pClassFilePath) === false) || (is_readable($pClassFilePath) === false)) {
|
||||||
|
14
inc/vendor/markbaker/complex/composer.json
vendored
14
inc/vendor/markbaker/complex/composer.json
vendored
@ -73,5 +73,19 @@
|
|||||||
"classes/src/operations/divideinto.php"
|
"classes/src/operations/divideinto.php"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
|
"scripts": {
|
||||||
|
"style": [
|
||||||
|
"phpcs --report-width=200 --report-summary --report-full classes/src/ --standard=PSR2 -n"
|
||||||
|
],
|
||||||
|
"mess": [
|
||||||
|
"phpmd classes/src/ xml codesize,unusedcode,design,naming -n"
|
||||||
|
],
|
||||||
|
"lines": [
|
||||||
|
"phploc classes/src/ -n"
|
||||||
|
],
|
||||||
|
"cpd": [
|
||||||
|
"phpcpd classes/src/ -n"
|
||||||
|
]
|
||||||
|
},
|
||||||
"minimum-stability": "dev"
|
"minimum-stability": "dev"
|
||||||
}
|
}
|
2
inc/vendor/openlss/lib-array2xml/.gitignore
vendored
Normal file
2
inc/vendor/openlss/lib-array2xml/.gitignore
vendored
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
/vendor
|
||||||
|
/composer.lock
|
674
inc/vendor/openlss/lib-array2xml/COPYING
vendored
Normal file
674
inc/vendor/openlss/lib-array2xml/COPYING
vendored
Normal file
@ -0,0 +1,674 @@
|
|||||||
|
GNU GENERAL PUBLIC LICENSE
|
||||||
|
Version 3, 29 June 2007
|
||||||
|
|
||||||
|
Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
|
||||||
|
Everyone is permitted to copy and distribute verbatim copies
|
||||||
|
of this license document, but changing it is not allowed.
|
||||||
|
|
||||||
|
Preamble
|
||||||
|
|
||||||
|
The GNU General Public License is a free, copyleft license for
|
||||||
|
software and other kinds of works.
|
||||||
|
|
||||||
|
The licenses for most software and other practical works are designed
|
||||||
|
to take away your freedom to share and change the works. By contrast,
|
||||||
|
the GNU General Public License is intended to guarantee your freedom to
|
||||||
|
share and change all versions of a program--to make sure it remains free
|
||||||
|
software for all its users. We, the Free Software Foundation, use the
|
||||||
|
GNU General Public License for most of our software; it applies also to
|
||||||
|
any other work released this way by its authors. You can apply it to
|
||||||
|
your programs, too.
|
||||||
|
|
||||||
|
When we speak of free software, we are referring to freedom, not
|
||||||
|
price. Our General Public Licenses are designed to make sure that you
|
||||||
|
have the freedom to distribute copies of free software (and charge for
|
||||||
|
them if you wish), that you receive source code or can get it if you
|
||||||
|
want it, that you can change the software or use pieces of it in new
|
||||||
|
free programs, and that you know you can do these things.
|
||||||
|
|
||||||
|
To protect your rights, we need to prevent others from denying you
|
||||||
|
these rights or asking you to surrender the rights. Therefore, you have
|
||||||
|
certain responsibilities if you distribute copies of the software, or if
|
||||||
|
you modify it: responsibilities to respect the freedom of others.
|
||||||
|
|
||||||
|
For example, if you distribute copies of such a program, whether
|
||||||
|
gratis or for a fee, you must pass on to the recipients the same
|
||||||
|
freedoms that you received. You must make sure that they, too, receive
|
||||||
|
or can get the source code. And you must show them these terms so they
|
||||||
|
know their rights.
|
||||||
|
|
||||||
|
Developers that use the GNU GPL protect your rights with two steps:
|
||||||
|
(1) assert copyright on the software, and (2) offer you this License
|
||||||
|
giving you legal permission to copy, distribute and/or modify it.
|
||||||
|
|
||||||
|
For the developers' and authors' protection, the GPL clearly explains
|
||||||
|
that there is no warranty for this free software. For both users' and
|
||||||
|
authors' sake, the GPL requires that modified versions be marked as
|
||||||
|
changed, so that their problems will not be attributed erroneously to
|
||||||
|
authors of previous versions.
|
||||||
|
|
||||||
|
Some devices are designed to deny users access to install or run
|
||||||
|
modified versions of the software inside them, although the manufacturer
|
||||||
|
can do so. This is fundamentally incompatible with the aim of
|
||||||
|
protecting users' freedom to change the software. The systematic
|
||||||
|
pattern of such abuse occurs in the area of products for individuals to
|
||||||
|
use, which is precisely where it is most unacceptable. Therefore, we
|
||||||
|
have designed this version of the GPL to prohibit the practice for those
|
||||||
|
products. If such problems arise substantially in other domains, we
|
||||||
|
stand ready to extend this provision to those domains in future versions
|
||||||
|
of the GPL, as needed to protect the freedom of users.
|
||||||
|
|
||||||
|
Finally, every program is threatened constantly by software patents.
|
||||||
|
States should not allow patents to restrict development and use of
|
||||||
|
software on general-purpose computers, but in those that do, we wish to
|
||||||
|
avoid the special danger that patents applied to a free program could
|
||||||
|
make it effectively proprietary. To prevent this, the GPL assures that
|
||||||
|
patents cannot be used to render the program non-free.
|
||||||
|
|
||||||
|
The precise terms and conditions for copying, distribution and
|
||||||
|
modification follow.
|
||||||
|
|
||||||
|
TERMS AND CONDITIONS
|
||||||
|
|
||||||
|
0. Definitions.
|
||||||
|
|
||||||
|
"This License" refers to version 3 of the GNU General Public License.
|
||||||
|
|
||||||
|
"Copyright" also means copyright-like laws that apply to other kinds of
|
||||||
|
works, such as semiconductor masks.
|
||||||
|
|
||||||
|
"The Program" refers to any copyrightable work licensed under this
|
||||||
|
License. Each licensee is addressed as "you". "Licensees" and
|
||||||
|
"recipients" may be individuals or organizations.
|
||||||
|
|
||||||
|
To "modify" a work means to copy from or adapt all or part of the work
|
||||||
|
in a fashion requiring copyright permission, other than the making of an
|
||||||
|
exact copy. The resulting work is called a "modified version" of the
|
||||||
|
earlier work or a work "based on" the earlier work.
|
||||||
|
|
||||||
|
A "covered work" means either the unmodified Program or a work based
|
||||||
|
on the Program.
|
||||||
|
|
||||||
|
To "propagate" a work means to do anything with it that, without
|
||||||
|
permission, would make you directly or secondarily liable for
|
||||||
|
infringement under applicable copyright law, except executing it on a
|
||||||
|
computer or modifying a private copy. Propagation includes copying,
|
||||||
|
distribution (with or without modification), making available to the
|
||||||
|
public, and in some countries other activities as well.
|
||||||
|
|
||||||
|
To "convey" a work means any kind of propagation that enables other
|
||||||
|
parties to make or receive copies. Mere interaction with a user through
|
||||||
|
a computer network, with no transfer of a copy, is not conveying.
|
||||||
|
|
||||||
|
An interactive user interface displays "Appropriate Legal Notices"
|
||||||
|
to the extent that it includes a convenient and prominently visible
|
||||||
|
feature that (1) displays an appropriate copyright notice, and (2)
|
||||||
|
tells the user that there is no warranty for the work (except to the
|
||||||
|
extent that warranties are provided), that licensees may convey the
|
||||||
|
work under this License, and how to view a copy of this License. If
|
||||||
|
the interface presents a list of user commands or options, such as a
|
||||||
|
menu, a prominent item in the list meets this criterion.
|
||||||
|
|
||||||
|
1. Source Code.
|
||||||
|
|
||||||
|
The "source code" for a work means the preferred form of the work
|
||||||
|
for making modifications to it. "Object code" means any non-source
|
||||||
|
form of a work.
|
||||||
|
|
||||||
|
A "Standard Interface" means an interface that either is an official
|
||||||
|
standard defined by a recognized standards body, or, in the case of
|
||||||
|
interfaces specified for a particular programming language, one that
|
||||||
|
is widely used among developers working in that language.
|
||||||
|
|
||||||
|
The "System Libraries" of an executable work include anything, other
|
||||||
|
than the work as a whole, that (a) is included in the normal form of
|
||||||
|
packaging a Major Component, but which is not part of that Major
|
||||||
|
Component, and (b) serves only to enable use of the work with that
|
||||||
|
Major Component, or to implement a Standard Interface for which an
|
||||||
|
implementation is available to the public in source code form. A
|
||||||
|
"Major Component", in this context, means a major essential component
|
||||||
|
(kernel, window system, and so on) of the specific operating system
|
||||||
|
(if any) on which the executable work runs, or a compiler used to
|
||||||
|
produce the work, or an object code interpreter used to run it.
|
||||||
|
|
||||||
|
The "Corresponding Source" for a work in object code form means all
|
||||||
|
the source code needed to generate, install, and (for an executable
|
||||||
|
work) run the object code and to modify the work, including scripts to
|
||||||
|
control those activities. However, it does not include the work's
|
||||||
|
System Libraries, or general-purpose tools or generally available free
|
||||||
|
programs which are used unmodified in performing those activities but
|
||||||
|
which are not part of the work. For example, Corresponding Source
|
||||||
|
includes interface definition files associated with source files for
|
||||||
|
the work, and the source code for shared libraries and dynamically
|
||||||
|
linked subprograms that the work is specifically designed to require,
|
||||||
|
such as by intimate data communication or control flow between those
|
||||||
|
subprograms and other parts of the work.
|
||||||
|
|
||||||
|
The Corresponding Source need not include anything that users
|
||||||
|
can regenerate automatically from other parts of the Corresponding
|
||||||
|
Source.
|
||||||
|
|
||||||
|
The Corresponding Source for a work in source code form is that
|
||||||
|
same work.
|
||||||
|
|
||||||
|
2. Basic Permissions.
|
||||||
|
|
||||||
|
All rights granted under this License are granted for the term of
|
||||||
|
copyright on the Program, and are irrevocable provided the stated
|
||||||
|
conditions are met. This License explicitly affirms your unlimited
|
||||||
|
permission to run the unmodified Program. The output from running a
|
||||||
|
covered work is covered by this License only if the output, given its
|
||||||
|
content, constitutes a covered work. This License acknowledges your
|
||||||
|
rights of fair use or other equivalent, as provided by copyright law.
|
||||||
|
|
||||||
|
You may make, run and propagate covered works that you do not
|
||||||
|
convey, without conditions so long as your license otherwise remains
|
||||||
|
in force. You may convey covered works to others for the sole purpose
|
||||||
|
of having them make modifications exclusively for you, or provide you
|
||||||
|
with facilities for running those works, provided that you comply with
|
||||||
|
the terms of this License in conveying all material for which you do
|
||||||
|
not control copyright. Those thus making or running the covered works
|
||||||
|
for you must do so exclusively on your behalf, under your direction
|
||||||
|
and control, on terms that prohibit them from making any copies of
|
||||||
|
your copyrighted material outside their relationship with you.
|
||||||
|
|
||||||
|
Conveying under any other circumstances is permitted solely under
|
||||||
|
the conditions stated below. Sublicensing is not allowed; section 10
|
||||||
|
makes it unnecessary.
|
||||||
|
|
||||||
|
3. Protecting Users' Legal Rights From Anti-Circumvention Law.
|
||||||
|
|
||||||
|
No covered work shall be deemed part of an effective technological
|
||||||
|
measure under any applicable law fulfilling obligations under article
|
||||||
|
11 of the WIPO copyright treaty adopted on 20 December 1996, or
|
||||||
|
similar laws prohibiting or restricting circumvention of such
|
||||||
|
measures.
|
||||||
|
|
||||||
|
When you convey a covered work, you waive any legal power to forbid
|
||||||
|
circumvention of technological measures to the extent such circumvention
|
||||||
|
is effected by exercising rights under this License with respect to
|
||||||
|
the covered work, and you disclaim any intention to limit operation or
|
||||||
|
modification of the work as a means of enforcing, against the work's
|
||||||
|
users, your or third parties' legal rights to forbid circumvention of
|
||||||
|
technological measures.
|
||||||
|
|
||||||
|
4. Conveying Verbatim Copies.
|
||||||
|
|
||||||
|
You may convey verbatim copies of the Program's source code as you
|
||||||
|
receive it, in any medium, provided that you conspicuously and
|
||||||
|
appropriately publish on each copy an appropriate copyright notice;
|
||||||
|
keep intact all notices stating that this License and any
|
||||||
|
non-permissive terms added in accord with section 7 apply to the code;
|
||||||
|
keep intact all notices of the absence of any warranty; and give all
|
||||||
|
recipients a copy of this License along with the Program.
|
||||||
|
|
||||||
|
You may charge any price or no price for each copy that you convey,
|
||||||
|
and you may offer support or warranty protection for a fee.
|
||||||
|
|
||||||
|
5. Conveying Modified Source Versions.
|
||||||
|
|
||||||
|
You may convey a work based on the Program, or the modifications to
|
||||||
|
produce it from the Program, in the form of source code under the
|
||||||
|
terms of section 4, provided that you also meet all of these conditions:
|
||||||
|
|
||||||
|
a) The work must carry prominent notices stating that you modified
|
||||||
|
it, and giving a relevant date.
|
||||||
|
|
||||||
|
b) The work must carry prominent notices stating that it is
|
||||||
|
released under this License and any conditions added under section
|
||||||
|
7. This requirement modifies the requirement in section 4 to
|
||||||
|
"keep intact all notices".
|
||||||
|
|
||||||
|
c) You must license the entire work, as a whole, under this
|
||||||
|
License to anyone who comes into possession of a copy. This
|
||||||
|
License will therefore apply, along with any applicable section 7
|
||||||
|
additional terms, to the whole of the work, and all its parts,
|
||||||
|
regardless of how they are packaged. This License gives no
|
||||||
|
permission to license the work in any other way, but it does not
|
||||||
|
invalidate such permission if you have separately received it.
|
||||||
|
|
||||||
|
d) If the work has interactive user interfaces, each must display
|
||||||
|
Appropriate Legal Notices; however, if the Program has interactive
|
||||||
|
interfaces that do not display Appropriate Legal Notices, your
|
||||||
|
work need not make them do so.
|
||||||
|
|
||||||
|
A compilation of a covered work with other separate and independent
|
||||||
|
works, which are not by their nature extensions of the covered work,
|
||||||
|
and which are not combined with it such as to form a larger program,
|
||||||
|
in or on a volume of a storage or distribution medium, is called an
|
||||||
|
"aggregate" if the compilation and its resulting copyright are not
|
||||||
|
used to limit the access or legal rights of the compilation's users
|
||||||
|
beyond what the individual works permit. Inclusion of a covered work
|
||||||
|
in an aggregate does not cause this License to apply to the other
|
||||||
|
parts of the aggregate.
|
||||||
|
|
||||||
|
6. Conveying Non-Source Forms.
|
||||||
|
|
||||||
|
You may convey a covered work in object code form under the terms
|
||||||
|
of sections 4 and 5, provided that you also convey the
|
||||||
|
machine-readable Corresponding Source under the terms of this License,
|
||||||
|
in one of these ways:
|
||||||
|
|
||||||
|
a) Convey the object code in, or embodied in, a physical product
|
||||||
|
(including a physical distribution medium), accompanied by the
|
||||||
|
Corresponding Source fixed on a durable physical medium
|
||||||
|
customarily used for software interchange.
|
||||||
|
|
||||||
|
b) Convey the object code in, or embodied in, a physical product
|
||||||
|
(including a physical distribution medium), accompanied by a
|
||||||
|
written offer, valid for at least three years and valid for as
|
||||||
|
long as you offer spare parts or customer support for that product
|
||||||
|
model, to give anyone who possesses the object code either (1) a
|
||||||
|
copy of the Corresponding Source for all the software in the
|
||||||
|
product that is covered by this License, on a durable physical
|
||||||
|
medium customarily used for software interchange, for a price no
|
||||||
|
more than your reasonable cost of physically performing this
|
||||||
|
conveying of source, or (2) access to copy the
|
||||||
|
Corresponding Source from a network server at no charge.
|
||||||
|
|
||||||
|
c) Convey individual copies of the object code with a copy of the
|
||||||
|
written offer to provide the Corresponding Source. This
|
||||||
|
alternative is allowed only occasionally and noncommercially, and
|
||||||
|
only if you received the object code with such an offer, in accord
|
||||||
|
with subsection 6b.
|
||||||
|
|
||||||
|
d) Convey the object code by offering access from a designated
|
||||||
|
place (gratis or for a charge), and offer equivalent access to the
|
||||||
|
Corresponding Source in the same way through the same place at no
|
||||||
|
further charge. You need not require recipients to copy the
|
||||||
|
Corresponding Source along with the object code. If the place to
|
||||||
|
copy the object code is a network server, the Corresponding Source
|
||||||
|
may be on a different server (operated by you or a third party)
|
||||||
|
that supports equivalent copying facilities, provided you maintain
|
||||||
|
clear directions next to the object code saying where to find the
|
||||||
|
Corresponding Source. Regardless of what server hosts the
|
||||||
|
Corresponding Source, you remain obligated to ensure that it is
|
||||||
|
available for as long as needed to satisfy these requirements.
|
||||||
|
|
||||||
|
e) Convey the object code using peer-to-peer transmission, provided
|
||||||
|
you inform other peers where the object code and Corresponding
|
||||||
|
Source of the work are being offered to the general public at no
|
||||||
|
charge under subsection 6d.
|
||||||
|
|
||||||
|
A separable portion of the object code, whose source code is excluded
|
||||||
|
from the Corresponding Source as a System Library, need not be
|
||||||
|
included in conveying the object code work.
|
||||||
|
|
||||||
|
A "User Product" is either (1) a "consumer product", which means any
|
||||||
|
tangible personal property which is normally used for personal, family,
|
||||||
|
or household purposes, or (2) anything designed or sold for incorporation
|
||||||
|
into a dwelling. In determining whether a product is a consumer product,
|
||||||
|
doubtful cases shall be resolved in favor of coverage. For a particular
|
||||||
|
product received by a particular user, "normally used" refers to a
|
||||||
|
typical or common use of that class of product, regardless of the status
|
||||||
|
of the particular user or of the way in which the particular user
|
||||||
|
actually uses, or expects or is expected to use, the product. A product
|
||||||
|
is a consumer product regardless of whether the product has substantial
|
||||||
|
commercial, industrial or non-consumer uses, unless such uses represent
|
||||||
|
the only significant mode of use of the product.
|
||||||
|
|
||||||
|
"Installation Information" for a User Product means any methods,
|
||||||
|
procedures, authorization keys, or other information required to install
|
||||||
|
and execute modified versions of a covered work in that User Product from
|
||||||
|
a modified version of its Corresponding Source. The information must
|
||||||
|
suffice to ensure that the continued functioning of the modified object
|
||||||
|
code is in no case prevented or interfered with solely because
|
||||||
|
modification has been made.
|
||||||
|
|
||||||
|
If you convey an object code work under this section in, or with, or
|
||||||
|
specifically for use in, a User Product, and the conveying occurs as
|
||||||
|
part of a transaction in which the right of possession and use of the
|
||||||
|
User Product is transferred to the recipient in perpetuity or for a
|
||||||
|
fixed term (regardless of how the transaction is characterized), the
|
||||||
|
Corresponding Source conveyed under this section must be accompanied
|
||||||
|
by the Installation Information. But this requirement does not apply
|
||||||
|
if neither you nor any third party retains the ability to install
|
||||||
|
modified object code on the User Product (for example, the work has
|
||||||
|
been installed in ROM).
|
||||||
|
|
||||||
|
The requirement to provide Installation Information does not include a
|
||||||
|
requirement to continue to provide support service, warranty, or updates
|
||||||
|
for a work that has been modified or installed by the recipient, or for
|
||||||
|
the User Product in which it has been modified or installed. Access to a
|
||||||
|
network may be denied when the modification itself materially and
|
||||||
|
adversely affects the operation of the network or violates the rules and
|
||||||
|
protocols for communication across the network.
|
||||||
|
|
||||||
|
Corresponding Source conveyed, and Installation Information provided,
|
||||||
|
in accord with this section must be in a format that is publicly
|
||||||
|
documented (and with an implementation available to the public in
|
||||||
|
source code form), and must require no special password or key for
|
||||||
|
unpacking, reading or copying.
|
||||||
|
|
||||||
|
7. Additional Terms.
|
||||||
|
|
||||||
|
"Additional permissions" are terms that supplement the terms of this
|
||||||
|
License by making exceptions from one or more of its conditions.
|
||||||
|
Additional permissions that are applicable to the entire Program shall
|
||||||
|
be treated as though they were included in this License, to the extent
|
||||||
|
that they are valid under applicable law. If additional permissions
|
||||||
|
apply only to part of the Program, that part may be used separately
|
||||||
|
under those permissions, but the entire Program remains governed by
|
||||||
|
this License without regard to the additional permissions.
|
||||||
|
|
||||||
|
When you convey a copy of a covered work, you may at your option
|
||||||
|
remove any additional permissions from that copy, or from any part of
|
||||||
|
it. (Additional permissions may be written to require their own
|
||||||
|
removal in certain cases when you modify the work.) You may place
|
||||||
|
additional permissions on material, added by you to a covered work,
|
||||||
|
for which you have or can give appropriate copyright permission.
|
||||||
|
|
||||||
|
Notwithstanding any other provision of this License, for material you
|
||||||
|
add to a covered work, you may (if authorized by the copyright holders of
|
||||||
|
that material) supplement the terms of this License with terms:
|
||||||
|
|
||||||
|
a) Disclaiming warranty or limiting liability differently from the
|
||||||
|
terms of sections 15 and 16 of this License; or
|
||||||
|
|
||||||
|
b) Requiring preservation of specified reasonable legal notices or
|
||||||
|
author attributions in that material or in the Appropriate Legal
|
||||||
|
Notices displayed by works containing it; or
|
||||||
|
|
||||||
|
c) Prohibiting misrepresentation of the origin of that material, or
|
||||||
|
requiring that modified versions of such material be marked in
|
||||||
|
reasonable ways as different from the original version; or
|
||||||
|
|
||||||
|
d) Limiting the use for publicity purposes of names of licensors or
|
||||||
|
authors of the material; or
|
||||||
|
|
||||||
|
e) Declining to grant rights under trademark law for use of some
|
||||||
|
trade names, trademarks, or service marks; or
|
||||||
|
|
||||||
|
f) Requiring indemnification of licensors and authors of that
|
||||||
|
material by anyone who conveys the material (or modified versions of
|
||||||
|
it) with contractual assumptions of liability to the recipient, for
|
||||||
|
any liability that these contractual assumptions directly impose on
|
||||||
|
those licensors and authors.
|
||||||
|
|
||||||
|
All other non-permissive additional terms are considered "further
|
||||||
|
restrictions" within the meaning of section 10. If the Program as you
|
||||||
|
received it, or any part of it, contains a notice stating that it is
|
||||||
|
governed by this License along with a term that is a further
|
||||||
|
restriction, you may remove that term. If a license document contains
|
||||||
|
a further restriction but permits relicensing or conveying under this
|
||||||
|
License, you may add to a covered work material governed by the terms
|
||||||
|
of that license document, provided that the further restriction does
|
||||||
|
not survive such relicensing or conveying.
|
||||||
|
|
||||||
|
If you add terms to a covered work in accord with this section, you
|
||||||
|
must place, in the relevant source files, a statement of the
|
||||||
|
additional terms that apply to those files, or a notice indicating
|
||||||
|
where to find the applicable terms.
|
||||||
|
|
||||||
|
Additional terms, permissive or non-permissive, may be stated in the
|
||||||
|
form of a separately written license, or stated as exceptions;
|
||||||
|
the above requirements apply either way.
|
||||||
|
|
||||||
|
8. Termination.
|
||||||
|
|
||||||
|
You may not propagate or modify a covered work except as expressly
|
||||||
|
provided under this License. Any attempt otherwise to propagate or
|
||||||
|
modify it is void, and will automatically terminate your rights under
|
||||||
|
this License (including any patent licenses granted under the third
|
||||||
|
paragraph of section 11).
|
||||||
|
|
||||||
|
However, if you cease all violation of this License, then your
|
||||||
|
license from a particular copyright holder is reinstated (a)
|
||||||
|
provisionally, unless and until the copyright holder explicitly and
|
||||||
|
finally terminates your license, and (b) permanently, if the copyright
|
||||||
|
holder fails to notify you of the violation by some reasonable means
|
||||||
|
prior to 60 days after the cessation.
|
||||||
|
|
||||||
|
Moreover, your license from a particular copyright holder is
|
||||||
|
reinstated permanently if the copyright holder notifies you of the
|
||||||
|
violation by some reasonable means, this is the first time you have
|
||||||
|
received notice of violation of this License (for any work) from that
|
||||||
|
copyright holder, and you cure the violation prior to 30 days after
|
||||||
|
your receipt of the notice.
|
||||||
|
|
||||||
|
Termination of your rights under this section does not terminate the
|
||||||
|
licenses of parties who have received copies or rights from you under
|
||||||
|
this License. If your rights have been terminated and not permanently
|
||||||
|
reinstated, you do not qualify to receive new licenses for the same
|
||||||
|
material under section 10.
|
||||||
|
|
||||||
|
9. Acceptance Not Required for Having Copies.
|
||||||
|
|
||||||
|
You are not required to accept this License in order to receive or
|
||||||
|
run a copy of the Program. Ancillary propagation of a covered work
|
||||||
|
occurring solely as a consequence of using peer-to-peer transmission
|
||||||
|
to receive a copy likewise does not require acceptance. However,
|
||||||
|
nothing other than this License grants you permission to propagate or
|
||||||
|
modify any covered work. These actions infringe copyright if you do
|
||||||
|
not accept this License. Therefore, by modifying or propagating a
|
||||||
|
covered work, you indicate your acceptance of this License to do so.
|
||||||
|
|
||||||
|
10. Automatic Licensing of Downstream Recipients.
|
||||||
|
|
||||||
|
Each time you convey a covered work, the recipient automatically
|
||||||
|
receives a license from the original licensors, to run, modify and
|
||||||
|
propagate that work, subject to this License. You are not responsible
|
||||||
|
for enforcing compliance by third parties with this License.
|
||||||
|
|
||||||
|
An "entity transaction" is a transaction transferring control of an
|
||||||
|
organization, or substantially all assets of one, or subdividing an
|
||||||
|
organization, or merging organizations. If propagation of a covered
|
||||||
|
work results from an entity transaction, each party to that
|
||||||
|
transaction who receives a copy of the work also receives whatever
|
||||||
|
licenses to the work the party's predecessor in interest had or could
|
||||||
|
give under the previous paragraph, plus a right to possession of the
|
||||||
|
Corresponding Source of the work from the predecessor in interest, if
|
||||||
|
the predecessor has it or can get it with reasonable efforts.
|
||||||
|
|
||||||
|
You may not impose any further restrictions on the exercise of the
|
||||||
|
rights granted or affirmed under this License. For example, you may
|
||||||
|
not impose a license fee, royalty, or other charge for exercise of
|
||||||
|
rights granted under this License, and you may not initiate litigation
|
||||||
|
(including a cross-claim or counterclaim in a lawsuit) alleging that
|
||||||
|
any patent claim is infringed by making, using, selling, offering for
|
||||||
|
sale, or importing the Program or any portion of it.
|
||||||
|
|
||||||
|
11. Patents.
|
||||||
|
|
||||||
|
A "contributor" is a copyright holder who authorizes use under this
|
||||||
|
License of the Program or a work on which the Program is based. The
|
||||||
|
work thus licensed is called the contributor's "contributor version".
|
||||||
|
|
||||||
|
A contributor's "essential patent claims" are all patent claims
|
||||||
|
owned or controlled by the contributor, whether already acquired or
|
||||||
|
hereafter acquired, that would be infringed by some manner, permitted
|
||||||
|
by this License, of making, using, or selling its contributor version,
|
||||||
|
but do not include claims that would be infringed only as a
|
||||||
|
consequence of further modification of the contributor version. For
|
||||||
|
purposes of this definition, "control" includes the right to grant
|
||||||
|
patent sublicenses in a manner consistent with the requirements of
|
||||||
|
this License.
|
||||||
|
|
||||||
|
Each contributor grants you a non-exclusive, worldwide, royalty-free
|
||||||
|
patent license under the contributor's essential patent claims, to
|
||||||
|
make, use, sell, offer for sale, import and otherwise run, modify and
|
||||||
|
propagate the contents of its contributor version.
|
||||||
|
|
||||||
|
In the following three paragraphs, a "patent license" is any express
|
||||||
|
agreement or commitment, however denominated, not to enforce a patent
|
||||||
|
(such as an express permission to practice a patent or covenant not to
|
||||||
|
sue for patent infringement). To "grant" such a patent license to a
|
||||||
|
party means to make such an agreement or commitment not to enforce a
|
||||||
|
patent against the party.
|
||||||
|
|
||||||
|
If you convey a covered work, knowingly relying on a patent license,
|
||||||
|
and the Corresponding Source of the work is not available for anyone
|
||||||
|
to copy, free of charge and under the terms of this License, through a
|
||||||
|
publicly available network server or other readily accessible means,
|
||||||
|
then you must either (1) cause the Corresponding Source to be so
|
||||||
|
available, or (2) arrange to deprive yourself of the benefit of the
|
||||||
|
patent license for this particular work, or (3) arrange, in a manner
|
||||||
|
consistent with the requirements of this License, to extend the patent
|
||||||
|
license to downstream recipients. "Knowingly relying" means you have
|
||||||
|
actual knowledge that, but for the patent license, your conveying the
|
||||||
|
covered work in a country, or your recipient's use of the covered work
|
||||||
|
in a country, would infringe one or more identifiable patents in that
|
||||||
|
country that you have reason to believe are valid.
|
||||||
|
|
||||||
|
If, pursuant to or in connection with a single transaction or
|
||||||
|
arrangement, you convey, or propagate by procuring conveyance of, a
|
||||||
|
covered work, and grant a patent license to some of the parties
|
||||||
|
receiving the covered work authorizing them to use, propagate, modify
|
||||||
|
or convey a specific copy of the covered work, then the patent license
|
||||||
|
you grant is automatically extended to all recipients of the covered
|
||||||
|
work and works based on it.
|
||||||
|
|
||||||
|
A patent license is "discriminatory" if it does not include within
|
||||||
|
the scope of its coverage, prohibits the exercise of, or is
|
||||||
|
conditioned on the non-exercise of one or more of the rights that are
|
||||||
|
specifically granted under this License. You may not convey a covered
|
||||||
|
work if you are a party to an arrangement with a third party that is
|
||||||
|
in the business of distributing software, under which you make payment
|
||||||
|
to the third party based on the extent of your activity of conveying
|
||||||
|
the work, and under which the third party grants, to any of the
|
||||||
|
parties who would receive the covered work from you, a discriminatory
|
||||||
|
patent license (a) in connection with copies of the covered work
|
||||||
|
conveyed by you (or copies made from those copies), or (b) primarily
|
||||||
|
for and in connection with specific products or compilations that
|
||||||
|
contain the covered work, unless you entered into that arrangement,
|
||||||
|
or that patent license was granted, prior to 28 March 2007.
|
||||||
|
|
||||||
|
Nothing in this License shall be construed as excluding or limiting
|
||||||
|
any implied license or other defenses to infringement that may
|
||||||
|
otherwise be available to you under applicable patent law.
|
||||||
|
|
||||||
|
12. No Surrender of Others' Freedom.
|
||||||
|
|
||||||
|
If conditions are imposed on you (whether by court order, agreement or
|
||||||
|
otherwise) that contradict the conditions of this License, they do not
|
||||||
|
excuse you from the conditions of this License. If you cannot convey a
|
||||||
|
covered work so as to satisfy simultaneously your obligations under this
|
||||||
|
License and any other pertinent obligations, then as a consequence you may
|
||||||
|
not convey it at all. For example, if you agree to terms that obligate you
|
||||||
|
to collect a royalty for further conveying from those to whom you convey
|
||||||
|
the Program, the only way you could satisfy both those terms and this
|
||||||
|
License would be to refrain entirely from conveying the Program.
|
||||||
|
|
||||||
|
13. Use with the GNU Affero General Public License.
|
||||||
|
|
||||||
|
Notwithstanding any other provision of this License, you have
|
||||||
|
permission to link or combine any covered work with a work licensed
|
||||||
|
under version 3 of the GNU Affero General Public License into a single
|
||||||
|
combined work, and to convey the resulting work. The terms of this
|
||||||
|
License will continue to apply to the part which is the covered work,
|
||||||
|
but the special requirements of the GNU Affero General Public License,
|
||||||
|
section 13, concerning interaction through a network will apply to the
|
||||||
|
combination as such.
|
||||||
|
|
||||||
|
14. Revised Versions of this License.
|
||||||
|
|
||||||
|
The Free Software Foundation may publish revised and/or new versions of
|
||||||
|
the GNU General Public License from time to time. Such new versions will
|
||||||
|
be similar in spirit to the present version, but may differ in detail to
|
||||||
|
address new problems or concerns.
|
||||||
|
|
||||||
|
Each version is given a distinguishing version number. If the
|
||||||
|
Program specifies that a certain numbered version of the GNU General
|
||||||
|
Public License "or any later version" applies to it, you have the
|
||||||
|
option of following the terms and conditions either of that numbered
|
||||||
|
version or of any later version published by the Free Software
|
||||||
|
Foundation. If the Program does not specify a version number of the
|
||||||
|
GNU General Public License, you may choose any version ever published
|
||||||
|
by the Free Software Foundation.
|
||||||
|
|
||||||
|
If the Program specifies that a proxy can decide which future
|
||||||
|
versions of the GNU General Public License can be used, that proxy's
|
||||||
|
public statement of acceptance of a version permanently authorizes you
|
||||||
|
to choose that version for the Program.
|
||||||
|
|
||||||
|
Later license versions may give you additional or different
|
||||||
|
permissions. However, no additional obligations are imposed on any
|
||||||
|
author or copyright holder as a result of your choosing to follow a
|
||||||
|
later version.
|
||||||
|
|
||||||
|
15. Disclaimer of Warranty.
|
||||||
|
|
||||||
|
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
|
||||||
|
APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
|
||||||
|
HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
|
||||||
|
OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
|
||||||
|
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
|
||||||
|
IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
|
||||||
|
ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
|
||||||
|
|
||||||
|
16. Limitation of Liability.
|
||||||
|
|
||||||
|
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
|
||||||
|
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
|
||||||
|
THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
|
||||||
|
GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
|
||||||
|
USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
|
||||||
|
DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
|
||||||
|
PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
|
||||||
|
EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
|
||||||
|
SUCH DAMAGES.
|
||||||
|
|
||||||
|
17. Interpretation of Sections 15 and 16.
|
||||||
|
|
||||||
|
If the disclaimer of warranty and limitation of liability provided
|
||||||
|
above cannot be given local legal effect according to their terms,
|
||||||
|
reviewing courts shall apply local law that most closely approximates
|
||||||
|
an absolute waiver of all civil liability in connection with the
|
||||||
|
Program, unless a warranty or assumption of liability accompanies a
|
||||||
|
copy of the Program in return for a fee.
|
||||||
|
|
||||||
|
END OF TERMS AND CONDITIONS
|
||||||
|
|
||||||
|
How to Apply These Terms to Your New Programs
|
||||||
|
|
||||||
|
If you develop a new program, and you want it to be of the greatest
|
||||||
|
possible use to the public, the best way to achieve this is to make it
|
||||||
|
free software which everyone can redistribute and change under these terms.
|
||||||
|
|
||||||
|
To do so, attach the following notices to the program. It is safest
|
||||||
|
to attach them to the start of each source file to most effectively
|
||||||
|
state the exclusion of warranty; and each file should have at least
|
||||||
|
the "copyright" line and a pointer to where the full notice is found.
|
||||||
|
|
||||||
|
<one line to give the program's name and a brief idea of what it does.>
|
||||||
|
Copyright (C) <year> <name of author>
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
|
Also add information on how to contact you by electronic and paper mail.
|
||||||
|
|
||||||
|
If the program does terminal interaction, make it output a short
|
||||||
|
notice like this when it starts in an interactive mode:
|
||||||
|
|
||||||
|
<program> Copyright (C) <year> <name of author>
|
||||||
|
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
|
||||||
|
This is free software, and you are welcome to redistribute it
|
||||||
|
under certain conditions; type `show c' for details.
|
||||||
|
|
||||||
|
The hypothetical commands `show w' and `show c' should show the appropriate
|
||||||
|
parts of the General Public License. Of course, your program's commands
|
||||||
|
might be different; for a GUI interface, you would use an "about box".
|
||||||
|
|
||||||
|
You should also get your employer (if you work as a programmer) or school,
|
||||||
|
if any, to sign a "copyright disclaimer" for the program, if necessary.
|
||||||
|
For more information on this, and how to apply and follow the GNU GPL, see
|
||||||
|
<http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
|
The GNU General Public License does not permit incorporating your program
|
||||||
|
into proprietary programs. If your program is a subroutine library, you
|
||||||
|
may consider it more useful to permit linking proprietary applications with
|
||||||
|
the library. If this is what you want to do, use the GNU Lesser General
|
||||||
|
Public License instead of this License. But first, please read
|
||||||
|
<http://www.gnu.org/philosophy/why-not-lgpl.html>.
|
165
inc/vendor/openlss/lib-array2xml/COPYING LESSER
vendored
Normal file
165
inc/vendor/openlss/lib-array2xml/COPYING LESSER
vendored
Normal file
@ -0,0 +1,165 @@
|
|||||||
|
GNU LESSER GENERAL PUBLIC LICENSE
|
||||||
|
Version 3, 29 June 2007
|
||||||
|
|
||||||
|
Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
|
||||||
|
Everyone is permitted to copy and distribute verbatim copies
|
||||||
|
of this license document, but changing it is not allowed.
|
||||||
|
|
||||||
|
|
||||||
|
This version of the GNU Lesser General Public License incorporates
|
||||||
|
the terms and conditions of version 3 of the GNU General Public
|
||||||
|
License, supplemented by the additional permissions listed below.
|
||||||
|
|
||||||
|
0. Additional Definitions.
|
||||||
|
|
||||||
|
As used herein, "this License" refers to version 3 of the GNU Lesser
|
||||||
|
General Public License, and the "GNU GPL" refers to version 3 of the GNU
|
||||||
|
General Public License.
|
||||||
|
|
||||||
|
"The Library" refers to a covered work governed by this License,
|
||||||
|
other than an Application or a Combined Work as defined below.
|
||||||
|
|
||||||
|
An "Application" is any work that makes use of an interface provided
|
||||||
|
by the Library, but which is not otherwise based on the Library.
|
||||||
|
Defining a subclass of a class defined by the Library is deemed a mode
|
||||||
|
of using an interface provided by the Library.
|
||||||
|
|
||||||
|
A "Combined Work" is a work produced by combining or linking an
|
||||||
|
Application with the Library. The particular version of the Library
|
||||||
|
with which the Combined Work was made is also called the "Linked
|
||||||
|
Version".
|
||||||
|
|
||||||
|
The "Minimal Corresponding Source" for a Combined Work means the
|
||||||
|
Corresponding Source for the Combined Work, excluding any source code
|
||||||
|
for portions of the Combined Work that, considered in isolation, are
|
||||||
|
based on the Application, and not on the Linked Version.
|
||||||
|
|
||||||
|
The "Corresponding Application Code" for a Combined Work means the
|
||||||
|
object code and/or source code for the Application, including any data
|
||||||
|
and utility programs needed for reproducing the Combined Work from the
|
||||||
|
Application, but excluding the System Libraries of the Combined Work.
|
||||||
|
|
||||||
|
1. Exception to Section 3 of the GNU GPL.
|
||||||
|
|
||||||
|
You may convey a covered work under sections 3 and 4 of this License
|
||||||
|
without being bound by section 3 of the GNU GPL.
|
||||||
|
|
||||||
|
2. Conveying Modified Versions.
|
||||||
|
|
||||||
|
If you modify a copy of the Library, and, in your modifications, a
|
||||||
|
facility refers to a function or data to be supplied by an Application
|
||||||
|
that uses the facility (other than as an argument passed when the
|
||||||
|
facility is invoked), then you may convey a copy of the modified
|
||||||
|
version:
|
||||||
|
|
||||||
|
a) under this License, provided that you make a good faith effort to
|
||||||
|
ensure that, in the event an Application does not supply the
|
||||||
|
function or data, the facility still operates, and performs
|
||||||
|
whatever part of its purpose remains meaningful, or
|
||||||
|
|
||||||
|
b) under the GNU GPL, with none of the additional permissions of
|
||||||
|
this License applicable to that copy.
|
||||||
|
|
||||||
|
3. Object Code Incorporating Material from Library Header Files.
|
||||||
|
|
||||||
|
The object code form of an Application may incorporate material from
|
||||||
|
a header file that is part of the Library. You may convey such object
|
||||||
|
code under terms of your choice, provided that, if the incorporated
|
||||||
|
material is not limited to numerical parameters, data structure
|
||||||
|
layouts and accessors, or small macros, inline functions and templates
|
||||||
|
(ten or fewer lines in length), you do both of the following:
|
||||||
|
|
||||||
|
a) Give prominent notice with each copy of the object code that the
|
||||||
|
Library is used in it and that the Library and its use are
|
||||||
|
covered by this License.
|
||||||
|
|
||||||
|
b) Accompany the object code with a copy of the GNU GPL and this license
|
||||||
|
document.
|
||||||
|
|
||||||
|
4. Combined Works.
|
||||||
|
|
||||||
|
You may convey a Combined Work under terms of your choice that,
|
||||||
|
taken together, effectively do not restrict modification of the
|
||||||
|
portions of the Library contained in the Combined Work and reverse
|
||||||
|
engineering for debugging such modifications, if you also do each of
|
||||||
|
the following:
|
||||||
|
|
||||||
|
a) Give prominent notice with each copy of the Combined Work that
|
||||||
|
the Library is used in it and that the Library and its use are
|
||||||
|
covered by this License.
|
||||||
|
|
||||||
|
b) Accompany the Combined Work with a copy of the GNU GPL and this license
|
||||||
|
document.
|
||||||
|
|
||||||
|
c) For a Combined Work that displays copyright notices during
|
||||||
|
execution, include the copyright notice for the Library among
|
||||||
|
these notices, as well as a reference directing the user to the
|
||||||
|
copies of the GNU GPL and this license document.
|
||||||
|
|
||||||
|
d) Do one of the following:
|
||||||
|
|
||||||
|
0) Convey the Minimal Corresponding Source under the terms of this
|
||||||
|
License, and the Corresponding Application Code in a form
|
||||||
|
suitable for, and under terms that permit, the user to
|
||||||
|
recombine or relink the Application with a modified version of
|
||||||
|
the Linked Version to produce a modified Combined Work, in the
|
||||||
|
manner specified by section 6 of the GNU GPL for conveying
|
||||||
|
Corresponding Source.
|
||||||
|
|
||||||
|
1) Use a suitable shared library mechanism for linking with the
|
||||||
|
Library. A suitable mechanism is one that (a) uses at run time
|
||||||
|
a copy of the Library already present on the user's computer
|
||||||
|
system, and (b) will operate properly with a modified version
|
||||||
|
of the Library that is interface-compatible with the Linked
|
||||||
|
Version.
|
||||||
|
|
||||||
|
e) Provide Installation Information, but only if you would otherwise
|
||||||
|
be required to provide such information under section 6 of the
|
||||||
|
GNU GPL, and only to the extent that such information is
|
||||||
|
necessary to install and execute a modified version of the
|
||||||
|
Combined Work produced by recombining or relinking the
|
||||||
|
Application with a modified version of the Linked Version. (If
|
||||||
|
you use option 4d0, the Installation Information must accompany
|
||||||
|
the Minimal Corresponding Source and Corresponding Application
|
||||||
|
Code. If you use option 4d1, you must provide the Installation
|
||||||
|
Information in the manner specified by section 6 of the GNU GPL
|
||||||
|
for conveying Corresponding Source.)
|
||||||
|
|
||||||
|
5. Combined Libraries.
|
||||||
|
|
||||||
|
You may place library facilities that are a work based on the
|
||||||
|
Library side by side in a single library together with other library
|
||||||
|
facilities that are not Applications and are not covered by this
|
||||||
|
License, and convey such a combined library under terms of your
|
||||||
|
choice, if you do both of the following:
|
||||||
|
|
||||||
|
a) Accompany the combined library with a copy of the same work based
|
||||||
|
on the Library, uncombined with any other library facilities,
|
||||||
|
conveyed under the terms of this License.
|
||||||
|
|
||||||
|
b) Give prominent notice with the combined library that part of it
|
||||||
|
is a work based on the Library, and explaining where to find the
|
||||||
|
accompanying uncombined form of the same work.
|
||||||
|
|
||||||
|
6. Revised Versions of the GNU Lesser General Public License.
|
||||||
|
|
||||||
|
The Free Software Foundation may publish revised and/or new versions
|
||||||
|
of the GNU Lesser General Public License from time to time. Such new
|
||||||
|
versions will be similar in spirit to the present version, but may
|
||||||
|
differ in detail to address new problems or concerns.
|
||||||
|
|
||||||
|
Each version is given a distinguishing version number. If the
|
||||||
|
Library as you received it specifies that a certain numbered version
|
||||||
|
of the GNU Lesser General Public License "or any later version"
|
||||||
|
applies to it, you have the option of following the terms and
|
||||||
|
conditions either of that published version or of any later version
|
||||||
|
published by the Free Software Foundation. If the Library as you
|
||||||
|
received it does not specify a version number of the GNU Lesser
|
||||||
|
General Public License, you may choose any version of the GNU Lesser
|
||||||
|
General Public License ever published by the Free Software Foundation.
|
||||||
|
|
||||||
|
If the Library as you received it specifies that a proxy can decide
|
||||||
|
whether future versions of the GNU Lesser General Public License shall
|
||||||
|
apply, that proxy's public statement of acceptance of any version is
|
||||||
|
permanent authorization for you to choose that version for the
|
||||||
|
Library.
|
205
inc/vendor/openlss/lib-array2xml/LSS/Array2XML.php
vendored
Normal file
205
inc/vendor/openlss/lib-array2xml/LSS/Array2XML.php
vendored
Normal file
@ -0,0 +1,205 @@
|
|||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* OpenLSS - Lighter Smarter Simpler
|
||||||
|
*
|
||||||
|
* This file is part of OpenLSS.
|
||||||
|
*
|
||||||
|
* OpenLSS is free software: you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU Lesser General Public License as
|
||||||
|
* published by the Free Software Foundation, either version 3 of
|
||||||
|
* the License, or (at your option) any later version.
|
||||||
|
*
|
||||||
|
* OpenLSS is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU Lesser General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the
|
||||||
|
* GNU Lesser General Public License along with OpenLSS.
|
||||||
|
* If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
namespace LSS;
|
||||||
|
|
||||||
|
use \DomDocument;
|
||||||
|
use \Exception;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Array2XML: A class to convert array in PHP to XML
|
||||||
|
* It also takes into account attributes names unlike SimpleXML in PHP
|
||||||
|
* It returns the XML in form of DOMDocument class for further manipulation.
|
||||||
|
* It throws exception if the tag name or attribute name has illegal chars.
|
||||||
|
*
|
||||||
|
* Author : Lalit Patel
|
||||||
|
* Website: http://www.lalit.org/lab/convert-php-array-to-xml-with-attributes
|
||||||
|
* License: Apache License 2.0
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
* Version: 0.1 (10 July 2011)
|
||||||
|
* Version: 0.2 (16 August 2011)
|
||||||
|
* - replaced htmlentities() with htmlspecialchars() (Thanks to Liel Dulev)
|
||||||
|
* - fixed a edge case where root node has a false/null/0 value. (Thanks to Liel Dulev)
|
||||||
|
* Version: 0.3 (22 August 2011)
|
||||||
|
* - fixed tag sanitize regex which didn't allow tagnames with single character.
|
||||||
|
* Version: 0.4 (18 September 2011)
|
||||||
|
* - Added support for CDATA section using @cdata instead of @value.
|
||||||
|
* Version: 0.5 (07 December 2011)
|
||||||
|
* - Changed logic to check numeric array indices not starting from 0.
|
||||||
|
* Version: 0.6 (04 March 2012)
|
||||||
|
* - Code now doesn't @cdata to be placed in an empty array
|
||||||
|
* Version: 0.7 (24 March 2012)
|
||||||
|
* - Reverted to version 0.5
|
||||||
|
* Version: 0.8 (02 May 2012)
|
||||||
|
* - Removed htmlspecialchars() before adding to text node or attributes.
|
||||||
|
* Version: 0.11 (28 October 2015)
|
||||||
|
* - Fixed typos; Added support for plain insertion of XML trough @xml.
|
||||||
|
*
|
||||||
|
* Usage:
|
||||||
|
* $xml = Array2XML::createXML('root_node_name', $php_array);
|
||||||
|
* echo $xml->saveXML();
|
||||||
|
*/
|
||||||
|
class Array2XML {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @var DOMDocument
|
||||||
|
*/
|
||||||
|
private static $xml = null;
|
||||||
|
private static $encoding = 'UTF-8';
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Initialize the root XML node [optional]
|
||||||
|
* @param $version
|
||||||
|
* @param $encoding
|
||||||
|
* @param $format_output
|
||||||
|
*/
|
||||||
|
public static function init($version = '1.0', $encoding = 'UTF-8', $format_output = true) {
|
||||||
|
self::$xml = new DomDocument($version, $encoding);
|
||||||
|
self::$xml->formatOutput = $format_output;
|
||||||
|
self::$encoding = $encoding;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Convert an Array to XML
|
||||||
|
* @param string $node_name - name of the root node to be converted
|
||||||
|
* @param array $arr - aray to be converterd
|
||||||
|
* @return DomDocument
|
||||||
|
*/
|
||||||
|
public static function &createXML($node_name, $arr = array()) {
|
||||||
|
$xml = self::getXMLRoot();
|
||||||
|
$xml->appendChild(self::convert($node_name, $arr));
|
||||||
|
|
||||||
|
self::$xml = null; // clear the xml node in the class for 2nd time use.
|
||||||
|
return $xml;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Convert an Array to XML.
|
||||||
|
*
|
||||||
|
* @param string $node_name
|
||||||
|
* Name of the root node to be converted.
|
||||||
|
* @param array $arr
|
||||||
|
* Array to be converted.
|
||||||
|
*
|
||||||
|
* @throws \Exception
|
||||||
|
*
|
||||||
|
* @return \DOMNode
|
||||||
|
*/
|
||||||
|
private static function &convert($node_name, $arr = array()) {
|
||||||
|
|
||||||
|
//print_arr($node_name);
|
||||||
|
$xml = self::getXMLRoot();
|
||||||
|
$node = $xml->createElement($node_name);
|
||||||
|
|
||||||
|
if (is_array($arr)) {
|
||||||
|
// get the attributes first.;
|
||||||
|
if (isset($arr['@attributes'])) {
|
||||||
|
foreach ($arr['@attributes'] as $key => $value) {
|
||||||
|
if (!self::isValidTagName($key)) {
|
||||||
|
throw new Exception('[Array2XML] Illegal character in attribute name. attribute: ' . $key . ' in node: ' . $node_name);
|
||||||
|
}
|
||||||
|
$node->setAttribute($key, self::bool2str($value));
|
||||||
|
}
|
||||||
|
unset($arr['@attributes']); //remove the key from the array once done.
|
||||||
|
}
|
||||||
|
|
||||||
|
// check if it has a value stored in @value, if yes store the value and return
|
||||||
|
// else check if its directly stored as string
|
||||||
|
if (isset($arr['@value'])) {
|
||||||
|
$node->appendChild($xml->createTextNode(self::bool2str($arr['@value'])));
|
||||||
|
unset($arr['@value']); //remove the key from the array once done.
|
||||||
|
//return from recursion, as a note with value cannot have child nodes.
|
||||||
|
return $node;
|
||||||
|
} else if (isset($arr['@cdata'])) {
|
||||||
|
$node->appendChild($xml->createCDATASection(self::bool2str($arr['@cdata'])));
|
||||||
|
unset($arr['@cdata']); //remove the key from the array once done.
|
||||||
|
//return from recursion, as a note with cdata cannot have child nodes.
|
||||||
|
return $node;
|
||||||
|
}
|
||||||
|
else if (isset($arr['@xml'])) {
|
||||||
|
$fragment = $xml->createDocumentFragment();
|
||||||
|
$fragment->appendXML($arr['@xml']);
|
||||||
|
$node->appendChild($fragment);
|
||||||
|
unset($arr['@xml']);
|
||||||
|
return $node;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
//create subnodes using recursion
|
||||||
|
if (is_array($arr)) {
|
||||||
|
// recurse to get the node for that key
|
||||||
|
foreach ($arr as $key => $value) {
|
||||||
|
if (!self::isValidTagName($key)) {
|
||||||
|
throw new Exception('[Array2XML] Illegal character in tag name. tag: ' . $key . ' in node: ' . $node_name);
|
||||||
|
}
|
||||||
|
if (is_array($value) && is_numeric(key($value))) {
|
||||||
|
// MORE THAN ONE NODE OF ITS KIND;
|
||||||
|
// if the new array is numeric index, means it is array of nodes of the same kind
|
||||||
|
// it should follow the parent key name
|
||||||
|
foreach ($value as $k => $v) {
|
||||||
|
$node->appendChild(self::convert($key, $v));
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
// ONLY ONE NODE OF ITS KIND
|
||||||
|
$node->appendChild(self::convert($key, $value));
|
||||||
|
}
|
||||||
|
unset($arr[$key]); //remove the key from the array once done.
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// after we are done with all the keys in the array (if it is one)
|
||||||
|
// we check if it has any text value, if yes, append it.
|
||||||
|
if (!is_array($arr)) {
|
||||||
|
$node->appendChild($xml->createTextNode(self::bool2str($arr)));
|
||||||
|
}
|
||||||
|
|
||||||
|
return $node;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Get the root XML node, if there isn't one, create it.
|
||||||
|
*/
|
||||||
|
private static function getXMLRoot() {
|
||||||
|
if (empty(self::$xml)) {
|
||||||
|
self::init();
|
||||||
|
}
|
||||||
|
return self::$xml;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Get string representation of boolean value
|
||||||
|
*/
|
||||||
|
private static function bool2str($v) {
|
||||||
|
//convert boolean to text value.
|
||||||
|
$v = $v === true ? 'true' : $v;
|
||||||
|
$v = $v === false ? 'false' : $v;
|
||||||
|
return $v;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Check if the tag name or attribute name contains illegal characters
|
||||||
|
* Ref: http://www.w3.org/TR/xml/#sec-common-syn
|
||||||
|
*/
|
||||||
|
private static function isValidTagName($tag) {
|
||||||
|
$pattern = '/^[a-z_]+[a-z0-9\:\-\.\_]*[^:]*$/i';
|
||||||
|
return preg_match($pattern, $tag, $matches) && $matches[0] == $tag;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
169
inc/vendor/openlss/lib-array2xml/LSS/XML2Array.php
vendored
Normal file
169
inc/vendor/openlss/lib-array2xml/LSS/XML2Array.php
vendored
Normal file
@ -0,0 +1,169 @@
|
|||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* OpenLSS - Lighter Smarter Simpler
|
||||||
|
*
|
||||||
|
* This file is part of OpenLSS.
|
||||||
|
*
|
||||||
|
* OpenLSS is free software: you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU Lesser General Public License as
|
||||||
|
* published by the Free Software Foundation, either version 3 of
|
||||||
|
* the License, or (at your option) any later version.
|
||||||
|
*
|
||||||
|
* OpenLSS is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU Lesser General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the
|
||||||
|
* GNU Lesser General Public License along with OpenLSS.
|
||||||
|
* If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
namespace LSS;
|
||||||
|
use \DOMDocument;
|
||||||
|
use \Exception;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* XML2Array: A class to convert XML to array in PHP
|
||||||
|
* It returns the array which can be converted back to XML using the Array2XML script
|
||||||
|
* It takes an XML string or a DOMDocument object as an input.
|
||||||
|
*
|
||||||
|
* See Array2XML: http://www.lalit.org/lab/convert-php-array-to-xml-with-attributes
|
||||||
|
*
|
||||||
|
* Author : Lalit Patel
|
||||||
|
* Website: http://www.lalit.org/lab/convert-xml-to-array-in-php-xml2array
|
||||||
|
* License: Apache License 2.0
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
* Version: 0.1 (07 Dec 2011)
|
||||||
|
* Version: 0.2 (04 Mar 2012)
|
||||||
|
* Fixed typo 'DomDocument' to 'DOMDocument'
|
||||||
|
*
|
||||||
|
* Usage:
|
||||||
|
* $array = XML2Array::createArray($xml);
|
||||||
|
*/
|
||||||
|
|
||||||
|
class XML2Array {
|
||||||
|
|
||||||
|
protected static $xml = null;
|
||||||
|
protected static $encoding = 'UTF-8';
|
||||||
|
protected static $prefix_attributes = '@';
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Initialize the root XML node [optional]
|
||||||
|
* @param $version
|
||||||
|
* @param $encoding
|
||||||
|
* @param $format_output
|
||||||
|
*/
|
||||||
|
public static function init($version = '1.0', $encoding = 'UTF-8', $format_output = true) {
|
||||||
|
self::$xml = new DOMDocument($version, $encoding);
|
||||||
|
self::$xml->formatOutput = $format_output;
|
||||||
|
self::$encoding = $encoding;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Convert an XML to Array
|
||||||
|
* @param string $node_name - name of the root node to be converted
|
||||||
|
* @param int - Bitwise OR of the libxml option constants see @link http://php.net/manual/zh/libxml.constants.php
|
||||||
|
* @param array $arr - aray to be converterd
|
||||||
|
* @return DOMDocument
|
||||||
|
*/
|
||||||
|
public static function &createArray($input_xml, $options = 0) {
|
||||||
|
$xml = self::getXMLRoot();
|
||||||
|
if(is_string($input_xml)) {
|
||||||
|
$parsed = $xml->loadXML($input_xml, $options);
|
||||||
|
if(!$parsed) {
|
||||||
|
throw new Exception('[XML2Array] Error parsing the XML string.');
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
if(get_class($input_xml) != 'DOMDocument') {
|
||||||
|
throw new Exception('[XML2Array] The input XML object should be of type: DOMDocument.');
|
||||||
|
}
|
||||||
|
$xml = self::$xml = $input_xml;
|
||||||
|
}
|
||||||
|
$array[$xml->documentElement->tagName] = self::convert($xml->documentElement);
|
||||||
|
self::$xml = null; // clear the xml node in the class for 2nd time use.
|
||||||
|
return $array;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Convert an Array to XML
|
||||||
|
* @param mixed $node - XML as a string or as an object of DOMDocument
|
||||||
|
* @return mixed
|
||||||
|
*/
|
||||||
|
protected static function &convert($node) {
|
||||||
|
$output = array();
|
||||||
|
|
||||||
|
switch ($node->nodeType) {
|
||||||
|
case XML_CDATA_SECTION_NODE:
|
||||||
|
$output[static::$prefix_attributes.'cdata'] = trim($node->textContent);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case XML_TEXT_NODE:
|
||||||
|
$output = trim($node->textContent);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case XML_ELEMENT_NODE:
|
||||||
|
|
||||||
|
// for each child node, call the covert function recursively
|
||||||
|
for ($i=0, $m=$node->childNodes->length; $i<$m; $i++) {
|
||||||
|
$child = $node->childNodes->item($i);
|
||||||
|
$v = self::convert($child);
|
||||||
|
if(isset($child->tagName)) {
|
||||||
|
$t = $child->tagName;
|
||||||
|
|
||||||
|
// avoid fatal error if the content looks like '<html><body>You are being <a href="https://some.url">redirected</a>.</body></html>'
|
||||||
|
if(isset($output) && !is_array($output)) {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
// assume more nodes of same kind are coming
|
||||||
|
if(!isset($output[$t])) {
|
||||||
|
$output[$t] = array();
|
||||||
|
}
|
||||||
|
$output[$t][] = $v;
|
||||||
|
} else {
|
||||||
|
//check if it is not an empty text node
|
||||||
|
if($v !== '') {
|
||||||
|
$output = $v;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if(is_array($output)) {
|
||||||
|
// if only one node of its kind, assign it directly instead if array($value);
|
||||||
|
foreach ($output as $t => $v) {
|
||||||
|
if(is_array($v) && count($v)==1) {
|
||||||
|
$output[$t] = $v[0];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if(empty($output)) {
|
||||||
|
//for empty nodes
|
||||||
|
$output = '';
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// loop through the attributes and collect them
|
||||||
|
if($node->attributes->length) {
|
||||||
|
$a = array();
|
||||||
|
foreach($node->attributes as $attrName => $attrNode) {
|
||||||
|
$a[$attrName] = (string) $attrNode->value;
|
||||||
|
}
|
||||||
|
// if its an leaf node, store the value in @value instead of directly storing it.
|
||||||
|
if(!is_array($output)) {
|
||||||
|
$output = array(static::$prefix_attributes.'value' => $output);
|
||||||
|
}
|
||||||
|
$output[static::$prefix_attributes.'attributes'] = $a;
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
return $output;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Get the root XML node, if there isn't one, create it.
|
||||||
|
*/
|
||||||
|
protected static function getXMLRoot(){
|
||||||
|
if(empty(self::$xml)) {
|
||||||
|
self::init();
|
||||||
|
}
|
||||||
|
return self::$xml;
|
||||||
|
}
|
||||||
|
}
|
69
inc/vendor/openlss/lib-array2xml/README.md
vendored
Normal file
69
inc/vendor/openlss/lib-array2xml/README.md
vendored
Normal file
@ -0,0 +1,69 @@
|
|||||||
|
lib-array2xml
|
||||||
|
=============
|
||||||
|
|
||||||
|
Array2XML conversion library credit to lalit.org
|
||||||
|
|
||||||
|
Usage
|
||||||
|
----
|
||||||
|
```php
|
||||||
|
//create XML
|
||||||
|
$xml = Array2XML::createXML('root_node_name', $php_array);
|
||||||
|
echo $xml->saveXML();
|
||||||
|
|
||||||
|
//create Array
|
||||||
|
$array = XML2Array::createArray($xml);
|
||||||
|
print_r($array);
|
||||||
|
```
|
||||||
|
|
||||||
|
Array2XML
|
||||||
|
----
|
||||||
|
|
||||||
|
@xml example:
|
||||||
|
```php
|
||||||
|
// Build the array that should be transformed into a XML object.
|
||||||
|
$array = [
|
||||||
|
'title' => 'A title',
|
||||||
|
'body' => [
|
||||||
|
'@xml' => '<html><body><p>The content for the news item</p></body></html>',
|
||||||
|
],
|
||||||
|
];
|
||||||
|
|
||||||
|
// Use the Array2XML object to transform it.
|
||||||
|
$xml = Array2XML::createXML('news', $array);
|
||||||
|
echo $xml->saveXML();
|
||||||
|
```
|
||||||
|
This will result in the following.
|
||||||
|
```xml
|
||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<news>
|
||||||
|
<title>A title</title>
|
||||||
|
<body>
|
||||||
|
<html>
|
||||||
|
<body>
|
||||||
|
<p>The content for the news item</p>
|
||||||
|
</body>
|
||||||
|
</html>
|
||||||
|
</body>
|
||||||
|
</news>
|
||||||
|
```
|
||||||
|
|
||||||
|
Reference
|
||||||
|
----
|
||||||
|
More complete references can be found here
|
||||||
|
http://www.lalit.org/lab/convert-xml-to-array-in-php-xml2array/
|
||||||
|
http://www.lalit.org/lab/convert-php-array-to-xml-with-attributes/
|
||||||
|
|
||||||
|
## Changelog
|
||||||
|
|
||||||
|
### 0.5.1
|
||||||
|
* Fix fata error when the array passed is empty fixed by pull request #6
|
||||||
|
|
||||||
|
### 0.5.0
|
||||||
|
* add second parameter to XML2Array::createArray for DOMDocument::load, e.g: LIBXML_NOCDATA
|
||||||
|
* change method visibility from private to protected for overloading
|
||||||
|
* Merge pull request #5 to add child xml
|
||||||
|
* Merge pull request #4 to change method visibility and add second parameter for load.
|
||||||
|
|
||||||
|
|
||||||
|
### 0.1.0
|
||||||
|
* Initial Release
|
33
inc/vendor/openlss/lib-array2xml/composer.json
vendored
Normal file
33
inc/vendor/openlss/lib-array2xml/composer.json
vendored
Normal file
@ -0,0 +1,33 @@
|
|||||||
|
{
|
||||||
|
"name": "openlss/lib-array2xml"
|
||||||
|
,"homepage": "http://openlss.org"
|
||||||
|
,"description": "Array2XML conversion library credit to lalit.org"
|
||||||
|
,"license": "Apache-2.0"
|
||||||
|
,"type": "library"
|
||||||
|
,"keywords": [
|
||||||
|
"array"
|
||||||
|
,"xml"
|
||||||
|
,"xml conversion"
|
||||||
|
,"array conversion"
|
||||||
|
]
|
||||||
|
,"authors": [
|
||||||
|
{
|
||||||
|
"name": "Bryan Tong"
|
||||||
|
,"email": "contact@nullivex.com"
|
||||||
|
,"homepage": "http://bryantong.com"
|
||||||
|
}
|
||||||
|
,{
|
||||||
|
"name": "Tony Butler"
|
||||||
|
,"email": "spudz76@gmail.com"
|
||||||
|
,"homepage": "http://openlss.org"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
,"require": {
|
||||||
|
"php": ">=5.3.2"
|
||||||
|
}
|
||||||
|
,"autoload": {
|
||||||
|
"psr-0": {
|
||||||
|
"LSS": ""
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
@ -5,6 +5,15 @@ All notable changes to this project will be documented in this file.
|
|||||||
The format is based on [Keep a Changelog](http://keepachangelog.com/)
|
The format is based on [Keep a Changelog](http://keepachangelog.com/)
|
||||||
and this project adheres to [Semantic Versioning](http://semver.org/).
|
and this project adheres to [Semantic Versioning](http://semver.org/).
|
||||||
|
|
||||||
|
## [1.4.1] - 2018-09-30
|
||||||
|
|
||||||
|
### Fixed
|
||||||
|
|
||||||
|
- Remove locale from formatting string - [#644](https://github.com/PHPOffice/PhpSpreadsheet/pull/644)
|
||||||
|
- Allow iterators to go out of bounds with prev - [#587](https://github.com/PHPOffice/PhpSpreadsheet/issues/587)
|
||||||
|
- Fix warning when reading xlsx without styles - [#631](https://github.com/PHPOffice/PhpSpreadsheet/pull/631)
|
||||||
|
- Fix broken sample links on windows due to $baseDir having backslash - [#653](https://github.com/PHPOffice/PhpSpreadsheet/pull/653)
|
||||||
|
|
||||||
## [1.4.0] - 2018-08-06
|
## [1.4.0] - 2018-08-06
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
@ -61,7 +61,7 @@
|
|||||||
"suggest": {
|
"suggest": {
|
||||||
"mpdf/mpdf": "Option for rendering PDF with PDF Writer",
|
"mpdf/mpdf": "Option for rendering PDF with PDF Writer",
|
||||||
"dompdf/dompdf": "Option for rendering PDF with PDF Writer",
|
"dompdf/dompdf": "Option for rendering PDF with PDF Writer",
|
||||||
"tecnick.com/tcpdf": "Option for rendering PDF with PDF Writer",
|
"tecnickcom/tcpdf": "Option for rendering PDF with PDF Writer",
|
||||||
"jpgraph/jpgraph": "Option for rendering charts, or including charts with PDF or HTML Writers"
|
"jpgraph/jpgraph": "Option for rendering charts, or including charts with PDF or HTML Writers"
|
||||||
},
|
},
|
||||||
"autoload": {
|
"autoload": {
|
||||||
|
@ -43,7 +43,7 @@ usage of PhpSpreadsheet.
|
|||||||
## Common use cases
|
## Common use cases
|
||||||
|
|
||||||
PhpSpreadsheet does not ship with alternative cache implementation. It is up to
|
PhpSpreadsheet does not ship with alternative cache implementation. It is up to
|
||||||
you to select the most appropriate implementation for your environnement. You
|
you to select the most appropriate implementation for your environment. You
|
||||||
can either implement [PSR-16](http://www.php-fig.org/psr/psr-16/) from scratch,
|
can either implement [PSR-16](http://www.php-fig.org/psr/psr-16/) from scratch,
|
||||||
or use [pre-existing libraries](https://packagist.org/search/?q=psr-16).
|
or use [pre-existing libraries](https://packagist.org/search/?q=psr-16).
|
||||||
|
|
||||||
|
@ -82,7 +82,7 @@ class Sample
|
|||||||
|
|
||||||
$files = [];
|
$files = [];
|
||||||
foreach ($regex as $file) {
|
foreach ($regex as $file) {
|
||||||
$file = str_replace($baseDir . '/', '', $file[0]);
|
$file = str_replace(str_replace('\\', '/', $baseDir) . '/', '', str_replace('\\', '/', $file[0]));
|
||||||
$info = pathinfo($file);
|
$info = pathinfo($file);
|
||||||
$category = str_replace('_', ' ', $info['dirname']);
|
$category = str_replace('_', ' ', $info['dirname']);
|
||||||
$name = str_replace('_', ' ', preg_replace('/(|\.php)/', '', $info['filename']));
|
$name = str_replace('_', ' ', preg_replace('/(|\.php)/', '', $info['filename']));
|
||||||
|
@ -1127,7 +1127,7 @@ class Xls extends BaseReader
|
|||||||
// TODO: Why is there no BSE Index? Is this a new Office Version? Password protected field?
|
// TODO: Why is there no BSE Index? Is this a new Office Version? Password protected field?
|
||||||
// More likely : a uncompatible picture
|
// More likely : a uncompatible picture
|
||||||
if (!$BSEindex) {
|
if (!$BSEindex) {
|
||||||
continue;
|
continue 2;
|
||||||
}
|
}
|
||||||
|
|
||||||
$BSECollection = $escherWorkbook->getDggContainer()->getBstoreContainer()->getBSECollection();
|
$BSECollection = $escherWorkbook->getDggContainer()->getBstoreContainer()->getBSECollection();
|
||||||
|
@ -643,7 +643,7 @@ class Xlsx extends BaseReader
|
|||||||
$excel->addCellXf($objStyle);
|
$excel->addCellXf($objStyle);
|
||||||
}
|
}
|
||||||
|
|
||||||
foreach ($xmlStyles->cellStyleXfs->xf as $xf) {
|
foreach (isset($xmlStyles->cellStyleXfs->xf) ? $xmlStyles->cellStyleXfs->xf : [] as $xf) {
|
||||||
$numFmt = NumberFormat::FORMAT_GENERAL;
|
$numFmt = NumberFormat::FORMAT_GENERAL;
|
||||||
if ($numFmts && $xf['numFmtId']) {
|
if ($numFmts && $xf['numFmtId']) {
|
||||||
$tmpNumFmt = self::getArrayItem($numFmts->xpath("sml:numFmt[@numFmtId=$xf[numFmtId]]"));
|
$tmpNumFmt = self::getArrayItem($numFmts->xpath("sml:numFmt[@numFmtId=$xf[numFmtId]]"));
|
||||||
|
@ -320,7 +320,7 @@ class OLE
|
|||||||
|
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
continue;
|
break;
|
||||||
}
|
}
|
||||||
fseek($fh, 1, SEEK_CUR);
|
fseek($fh, 1, SEEK_CUR);
|
||||||
$pps->Type = $type;
|
$pps->Type = $type;
|
||||||
|
@ -691,6 +691,9 @@ class NumberFormat extends Supervisor
|
|||||||
// Strip #
|
// Strip #
|
||||||
$format = preg_replace('/\\#/', '0', $format);
|
$format = preg_replace('/\\#/', '0', $format);
|
||||||
|
|
||||||
|
// Remove locale code [$-###]
|
||||||
|
$format = preg_replace('/\[\$\-.*\]/', '', $format);
|
||||||
|
|
||||||
$n = '/\\[[^\\]]+\\]/';
|
$n = '/\\[[^\\]]+\\]/';
|
||||||
$m = preg_replace($n, '', $format);
|
$m = preg_replace($n, '', $format);
|
||||||
$number_regex = '/(0+)(\\.?)(0*)/';
|
$number_regex = '/(0+)(\\.?)(0*)/';
|
||||||
|
@ -153,10 +153,6 @@ class ColumnCellIterator extends CellIterator
|
|||||||
*/
|
*/
|
||||||
public function prev()
|
public function prev()
|
||||||
{
|
{
|
||||||
if ($this->currentRow <= $this->startRow) {
|
|
||||||
throw new PhpSpreadsheetException("Row is already at the beginning of range ({$this->startRow} - {$this->endRow})");
|
|
||||||
}
|
|
||||||
|
|
||||||
do {
|
do {
|
||||||
--$this->currentRow;
|
--$this->currentRow;
|
||||||
} while (($this->onlyExistingCells) &&
|
} while (($this->onlyExistingCells) &&
|
||||||
@ -171,7 +167,7 @@ class ColumnCellIterator extends CellIterator
|
|||||||
*/
|
*/
|
||||||
public function valid()
|
public function valid()
|
||||||
{
|
{
|
||||||
return $this->currentRow <= $this->endRow;
|
return $this->currentRow <= $this->endRow && $this->currentRow >= $this->startRow;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -157,14 +157,9 @@ class ColumnIterator implements \Iterator
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Set the iterator to its previous value.
|
* Set the iterator to its previous value.
|
||||||
*
|
|
||||||
* @throws PhpSpreadsheetException
|
|
||||||
*/
|
*/
|
||||||
public function prev()
|
public function prev()
|
||||||
{
|
{
|
||||||
if ($this->currentColumnIndex <= $this->startColumnIndex) {
|
|
||||||
throw new PhpSpreadsheetException('Column is already at the beginning of range (' . Coordinate::stringFromColumnIndex($this->endColumnIndex) . ' - ' . Coordinate::stringFromColumnIndex($this->endColumnIndex) . ')');
|
|
||||||
}
|
|
||||||
--$this->currentColumnIndex;
|
--$this->currentColumnIndex;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -175,6 +170,6 @@ class ColumnIterator implements \Iterator
|
|||||||
*/
|
*/
|
||||||
public function valid()
|
public function valid()
|
||||||
{
|
{
|
||||||
return $this->currentColumnIndex <= $this->endColumnIndex;
|
return $this->currentColumnIndex <= $this->endColumnIndex && $this->currentColumnIndex >= $this->startColumnIndex;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -25,7 +25,7 @@ class Iterator implements \Iterator
|
|||||||
*
|
*
|
||||||
* @param Spreadsheet $subject
|
* @param Spreadsheet $subject
|
||||||
*/
|
*/
|
||||||
public function __construct(Spreadsheet $subject = null)
|
public function __construct(Spreadsheet $subject)
|
||||||
{
|
{
|
||||||
// Set subject
|
// Set subject
|
||||||
$this->subject = $subject;
|
$this->subject = $subject;
|
||||||
@ -82,6 +82,6 @@ class Iterator implements \Iterator
|
|||||||
*/
|
*/
|
||||||
public function valid()
|
public function valid()
|
||||||
{
|
{
|
||||||
return $this->position < $this->subject->getSheetCount();
|
return $this->position < $this->subject->getSheetCount() && $this->position >= 0;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -155,9 +155,6 @@ class RowCellIterator extends CellIterator
|
|||||||
*/
|
*/
|
||||||
public function prev()
|
public function prev()
|
||||||
{
|
{
|
||||||
if ($this->currentColumnIndex <= $this->startColumnIndex) {
|
|
||||||
throw new PhpSpreadsheetException('Column is already at the beginning of range (' . Coordinate::stringFromColumnIndex($this->endColumnIndex) . ' - ' . Coordinate::stringFromColumnIndex($this->endColumnIndex) . ')');
|
|
||||||
}
|
|
||||||
do {
|
do {
|
||||||
--$this->currentColumnIndex;
|
--$this->currentColumnIndex;
|
||||||
} while (($this->onlyExistingCells) && (!$this->worksheet->cellExistsByColumnAndRow($this->currentColumnIndex, $this->rowIndex)) && ($this->currentColumnIndex >= $this->startColumnIndex));
|
} while (($this->onlyExistingCells) && (!$this->worksheet->cellExistsByColumnAndRow($this->currentColumnIndex, $this->rowIndex)) && ($this->currentColumnIndex >= $this->startColumnIndex));
|
||||||
@ -170,7 +167,7 @@ class RowCellIterator extends CellIterator
|
|||||||
*/
|
*/
|
||||||
public function valid()
|
public function valid()
|
||||||
{
|
{
|
||||||
return $this->currentColumnIndex <= $this->endColumnIndex;
|
return $this->currentColumnIndex <= $this->endColumnIndex && $this->currentColumnIndex >= $this->startColumnIndex;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -152,15 +152,9 @@ class RowIterator implements \Iterator
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Set the iterator to its previous value.
|
* Set the iterator to its previous value.
|
||||||
*
|
|
||||||
* @throws PhpSpreadsheetException
|
|
||||||
*/
|
*/
|
||||||
public function prev()
|
public function prev()
|
||||||
{
|
{
|
||||||
if ($this->position <= $this->startRow) {
|
|
||||||
throw new PhpSpreadsheetException("Row is already at the beginning of range ({$this->startRow} - {$this->endRow})");
|
|
||||||
}
|
|
||||||
|
|
||||||
--$this->position;
|
--$this->position;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -171,6 +165,6 @@ class RowIterator implements \Iterator
|
|||||||
*/
|
*/
|
||||||
public function valid()
|
public function valid()
|
||||||
{
|
{
|
||||||
return $this->position <= $this->endRow;
|
return $this->position <= $this->endRow && $this->position >= $this->startRow;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -78,9 +78,8 @@ class ColumnCellIteratorTest extends TestCase
|
|||||||
|
|
||||||
public function testPrevOutOfRange()
|
public function testPrevOutOfRange()
|
||||||
{
|
{
|
||||||
$this->expectException(\PhpOffice\PhpSpreadsheet\Exception::class);
|
|
||||||
|
|
||||||
$iterator = new ColumnCellIterator($this->mockWorksheet, 'A', 2, 4);
|
$iterator = new ColumnCellIterator($this->mockWorksheet, 'A', 2, 4);
|
||||||
$iterator->prev();
|
$iterator->prev();
|
||||||
|
self::assertFalse($iterator->valid());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -77,9 +77,8 @@ class ColumnIteratorTest extends TestCase
|
|||||||
|
|
||||||
public function testPrevOutOfRange()
|
public function testPrevOutOfRange()
|
||||||
{
|
{
|
||||||
$this->expectException(\PhpOffice\PhpSpreadsheet\Exception::class);
|
|
||||||
|
|
||||||
$iterator = new ColumnIterator($this->mockWorksheet, 'B', 'D');
|
$iterator = new ColumnIterator($this->mockWorksheet, 'B', 'D');
|
||||||
$iterator->prev();
|
$iterator->prev();
|
||||||
|
self::assertFalse($iterator->valid());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
28
inc/vendor/phpoffice/phpspreadsheet/tests/PhpSpreadsheetTests/Worksheet/IteratorTest.php
vendored
Normal file
28
inc/vendor/phpoffice/phpspreadsheet/tests/PhpSpreadsheetTests/Worksheet/IteratorTest.php
vendored
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
namespace PhpOffice\PhpSpreadsheetTests\Worksheet;
|
||||||
|
|
||||||
|
use PhpOffice\PhpSpreadsheet\Spreadsheet;
|
||||||
|
use PhpOffice\PhpSpreadsheet\Worksheet\Iterator;
|
||||||
|
use PhpOffice\PhpSpreadsheet\Worksheet\Worksheet;
|
||||||
|
use PHPUnit\Framework\TestCase;
|
||||||
|
|
||||||
|
class IteratorTest extends TestCase
|
||||||
|
{
|
||||||
|
public function testIteratorFullRange()
|
||||||
|
{
|
||||||
|
$spreadsheet = new Spreadsheet();
|
||||||
|
$spreadsheet->createSheet();
|
||||||
|
$spreadsheet->createSheet();
|
||||||
|
|
||||||
|
$iterator = new Iterator($spreadsheet);
|
||||||
|
$columnIndexResult = 0;
|
||||||
|
self::assertEquals($columnIndexResult, $iterator->key());
|
||||||
|
|
||||||
|
foreach ($iterator as $key => $column) {
|
||||||
|
self::assertEquals($columnIndexResult++, $key);
|
||||||
|
self::assertInstanceOf(Worksheet::class, $column);
|
||||||
|
}
|
||||||
|
self::assertSame(3, $columnIndexResult);
|
||||||
|
}
|
||||||
|
}
|
@ -80,9 +80,8 @@ class RowCellIteratorTest extends TestCase
|
|||||||
|
|
||||||
public function testPrevOutOfRange()
|
public function testPrevOutOfRange()
|
||||||
{
|
{
|
||||||
$this->expectException(\PhpOffice\PhpSpreadsheet\Exception::class);
|
|
||||||
|
|
||||||
$iterator = new RowCellIterator($this->mockWorksheet, 2, 'B', 'D');
|
$iterator = new RowCellIterator($this->mockWorksheet, 2, 'B', 'D');
|
||||||
$iterator->prev();
|
$iterator->prev();
|
||||||
|
self::assertFalse($iterator->valid());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -75,9 +75,8 @@ class RowIteratorTest extends TestCase
|
|||||||
|
|
||||||
public function testPrevOutOfRange()
|
public function testPrevOutOfRange()
|
||||||
{
|
{
|
||||||
$this->expectException(\PhpOffice\PhpSpreadsheet\Exception::class);
|
|
||||||
|
|
||||||
$iterator = new RowIterator($this->mockWorksheet, 2, 4);
|
$iterator = new RowIterator($this->mockWorksheet, 2, 4);
|
||||||
$iterator->prev();
|
$iterator->prev();
|
||||||
|
self::assertFalse($iterator->valid());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -186,4 +186,24 @@ return [
|
|||||||
-1234567.8899999999,
|
-1234567.8899999999,
|
||||||
'0000:00.00',
|
'0000:00.00',
|
||||||
],
|
],
|
||||||
|
[
|
||||||
|
'18.952',
|
||||||
|
18.952,
|
||||||
|
'[$-409]General',
|
||||||
|
],
|
||||||
|
[
|
||||||
|
'9.98',
|
||||||
|
9.98,
|
||||||
|
'[$-409]#,##0.00;-#,##0.00',
|
||||||
|
],
|
||||||
|
[
|
||||||
|
'18.952',
|
||||||
|
18.952,
|
||||||
|
'[$-1010409]General',
|
||||||
|
],
|
||||||
|
[
|
||||||
|
'9.98',
|
||||||
|
9.98,
|
||||||
|
'[$-1010409]#,##0.00;-#,##0.00',
|
||||||
|
],
|
||||||
];
|
];
|
||||||
|
@ -62,4 +62,14 @@ return [
|
|||||||
43270.603472222,
|
43270.603472222,
|
||||||
'hh:mm:ss\ AM/PM',
|
'hh:mm:ss\ AM/PM',
|
||||||
],
|
],
|
||||||
|
[
|
||||||
|
'8/20/2018',
|
||||||
|
43332,
|
||||||
|
'[$-409]m/d/yyyy',
|
||||||
|
],
|
||||||
|
[
|
||||||
|
'8/20/2018',
|
||||||
|
43332,
|
||||||
|
'[$-1010409]m/d/yyyy',
|
||||||
|
],
|
||||||
];
|
];
|
||||||
|
11
inc/vendor/tecnickcom/tcpdf/CHANGELOG.TXT
vendored
11
inc/vendor/tecnickcom/tcpdf/CHANGELOG.TXT
vendored
@ -1,4 +1,13 @@
|
|||||||
6.2.20
|
6.2.25
|
||||||
|
- Fix support for image URLs.
|
||||||
|
|
||||||
|
6.2.24
|
||||||
|
- Support remote urls when checking if file exists.
|
||||||
|
|
||||||
|
6.2.23
|
||||||
|
- Simplify file_exists function.
|
||||||
|
|
||||||
|
6.2.22
|
||||||
- Fix for security vulnerability: Using the phar:// wrapper it was possible to trigger the unserialization of user provided data.
|
- Fix for security vulnerability: Using the phar:// wrapper it was possible to trigger the unserialization of user provided data.
|
||||||
|
|
||||||
6.2.19
|
6.2.19
|
||||||
|
2
inc/vendor/tecnickcom/tcpdf/composer.json
vendored
2
inc/vendor/tecnickcom/tcpdf/composer.json
vendored
@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "tecnickcom/tcpdf",
|
"name": "tecnickcom/tcpdf",
|
||||||
"version": "6.2.22",
|
"version": "6.2.26",
|
||||||
"homepage": "http://www.tcpdf.org/",
|
"homepage": "http://www.tcpdf.org/",
|
||||||
"type": "library",
|
"type": "library",
|
||||||
"description": "TCPDF is a PHP class for generating PDF documents and barcodes.",
|
"description": "TCPDF is a PHP class for generating PDF documents and barcodes.",
|
||||||
|
BIN
inc/vendor/tecnickcom/tcpdf/include/sRGB.icc
vendored
BIN
inc/vendor/tecnickcom/tcpdf/include/sRGB.icc
vendored
Binary file not shown.
@ -2003,7 +2003,11 @@ class TCPDF_FONTS {
|
|||||||
$chars = str_split($str);
|
$chars = str_split($str);
|
||||||
$carr = array_map('ord', $chars);
|
$carr = array_map('ord', $chars);
|
||||||
}
|
}
|
||||||
$currentfont['subsetchars'] += array_fill_keys($carr, true);
|
if (is_array($currentfont['subsetchars']) && is_array($carr)) {
|
||||||
|
$currentfont['subsetchars'] += array_fill_keys($carr, true);
|
||||||
|
} else {
|
||||||
|
$currentfont['subsetchars'] = array_merge($currentfont['subsetchars'], $carr);
|
||||||
|
}
|
||||||
return $carr;
|
return $carr;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -55,7 +55,7 @@ class TCPDF_STATIC {
|
|||||||
* Current TCPDF version.
|
* Current TCPDF version.
|
||||||
* @private static
|
* @private static
|
||||||
*/
|
*/
|
||||||
private static $tcpdf_version = '6.2.22';
|
private static $tcpdf_version = '6.2.26';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* String alias for total number of pages.
|
* String alias for total number of pages.
|
||||||
@ -1821,6 +1821,31 @@ class TCPDF_STATIC {
|
|||||||
return fopen($filename, $mode);
|
return fopen($filename, $mode);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Check if the URL exist.
|
||||||
|
* @param url (string) URL to check.
|
||||||
|
* @return Returns TRUE if the URL exists; FALSE otherwise.
|
||||||
|
* @public static
|
||||||
|
*/
|
||||||
|
public static function url_exists($url) {
|
||||||
|
$crs = curl_init();
|
||||||
|
curl_setopt($crs, CURLOPT_URL, $url);
|
||||||
|
curl_setopt($crs, CURLOPT_NOBODY, true);
|
||||||
|
curl_setopt($crs, CURLOPT_FAILONERROR, true);
|
||||||
|
if ((ini_get('open_basedir') == '') && (!ini_get('safe_mode'))) {
|
||||||
|
curl_setopt($crs, CURLOPT_FOLLOWLOCATION, true);
|
||||||
|
}
|
||||||
|
curl_setopt($crs, CURLOPT_CONNECTTIMEOUT, 5);
|
||||||
|
curl_setopt($crs, CURLOPT_TIMEOUT, 30);
|
||||||
|
curl_setopt($crs, CURLOPT_SSL_VERIFYPEER, false);
|
||||||
|
curl_setopt($crs, CURLOPT_SSL_VERIFYHOST, false);
|
||||||
|
curl_setopt($crs, CURLOPT_USERAGENT, 'tc-lib-file');
|
||||||
|
curl_exec($crs);
|
||||||
|
$code = curl_getinfo($crs, CURLINFO_HTTP_CODE);
|
||||||
|
curl_close($crs);
|
||||||
|
return ($code == 200);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Wrapper for file_exists.
|
* Wrapper for file_exists.
|
||||||
* Checks whether a file or directory exists.
|
* Checks whether a file or directory exists.
|
||||||
@ -1830,20 +1855,11 @@ class TCPDF_STATIC {
|
|||||||
* @public static
|
* @public static
|
||||||
*/
|
*/
|
||||||
public static function file_exists($filename) {
|
public static function file_exists($filename) {
|
||||||
if (strpos($filename, '://') > 0) {
|
if (preg_match('|^https?://|', $filename) == 1) {
|
||||||
$wrappers = stream_get_wrappers();
|
return self::url_exists($filename);
|
||||||
foreach ($wrappers as $wrapper) {
|
|
||||||
if (($wrapper === 'http') || ($wrapper === 'https')) {
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
if (stripos($filename, $wrapper.'://') === 0) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
if (!@file_exists($filename)) {
|
if (strpos($filename, '://')) {
|
||||||
// try to encode spaces on filename
|
return false; // only support http and https wrappers for security reasons
|
||||||
$filename = str_replace(' ', '%20', $filename);
|
|
||||||
}
|
}
|
||||||
return @file_exists($filename);
|
return @file_exists($filename);
|
||||||
}
|
}
|
||||||
|
220
inc/vendor/tecnickcom/tcpdf/tcpdf.php
vendored
220
inc/vendor/tecnickcom/tcpdf/tcpdf.php
vendored
@ -1,7 +1,7 @@
|
|||||||
<?php
|
<?php
|
||||||
//============================================================+
|
//============================================================+
|
||||||
// File name : tcpdf.php
|
// File name : tcpdf.php
|
||||||
// Version : 6.2.22
|
// Version : 6.2.26
|
||||||
// Begin : 2002-08-03
|
// Begin : 2002-08-03
|
||||||
// Last Update : 2018-09-14
|
// Last Update : 2018-09-14
|
||||||
// Author : Nicola Asuni - Tecnick.com LTD - www.tecnick.com - info@tecnick.com
|
// Author : Nicola Asuni - Tecnick.com LTD - www.tecnick.com - info@tecnick.com
|
||||||
@ -104,7 +104,7 @@
|
|||||||
* Tools to encode your unicode fonts are on fonts/utils directory.</p>
|
* Tools to encode your unicode fonts are on fonts/utils directory.</p>
|
||||||
* @package com.tecnick.tcpdf
|
* @package com.tecnick.tcpdf
|
||||||
* @author Nicola Asuni
|
* @author Nicola Asuni
|
||||||
* @version 6.2.22
|
* @version 6.2.26
|
||||||
*/
|
*/
|
||||||
|
|
||||||
// TCPDF configuration
|
// TCPDF configuration
|
||||||
@ -128,7 +128,7 @@ require_once(dirname(__FILE__).'/include/tcpdf_static.php');
|
|||||||
* TCPDF project (http://www.tcpdf.org) has been originally derived in 2002 from the Public Domain FPDF class by Olivier Plathey (http://www.fpdf.org), but now is almost entirely rewritten.<br>
|
* TCPDF project (http://www.tcpdf.org) has been originally derived in 2002 from the Public Domain FPDF class by Olivier Plathey (http://www.fpdf.org), but now is almost entirely rewritten.<br>
|
||||||
* @package com.tecnick.tcpdf
|
* @package com.tecnick.tcpdf
|
||||||
* @brief PHP class for generating PDF documents without requiring external extensions.
|
* @brief PHP class for generating PDF documents without requiring external extensions.
|
||||||
* @version 6.2.22
|
* @version 6.2.26
|
||||||
* @author Nicola Asuni - info@tecnick.com
|
* @author Nicola Asuni - info@tecnick.com
|
||||||
* @IgnoreAnnotation("protected")
|
* @IgnoreAnnotation("protected")
|
||||||
* @IgnoreAnnotation("public")
|
* @IgnoreAnnotation("public")
|
||||||
@ -5769,10 +5769,9 @@ class TCPDF {
|
|||||||
$this->resetLastH();
|
$this->resetLastH();
|
||||||
}
|
}
|
||||||
if (!TCPDF_STATIC::empty_string($y)) {
|
if (!TCPDF_STATIC::empty_string($y)) {
|
||||||
$this->SetY($y);
|
$this->SetY($y); // set y in order to convert negative y values to positive ones
|
||||||
} else {
|
|
||||||
$y = $this->GetY();
|
|
||||||
}
|
}
|
||||||
|
$y = $this->GetY();
|
||||||
$resth = 0;
|
$resth = 0;
|
||||||
if (($h > 0) AND $this->inPageBody() AND (($y + $h + $mc_margin['T'] + $mc_margin['B']) > $this->PageBreakTrigger)) {
|
if (($h > 0) AND $this->inPageBody() AND (($y + $h + $mc_margin['T'] + $mc_margin['B']) > $this->PageBreakTrigger)) {
|
||||||
// spit cell in more pages/columns
|
// spit cell in more pages/columns
|
||||||
@ -9648,7 +9647,7 @@ class TCPDF {
|
|||||||
protected function _putcatalog() {
|
protected function _putcatalog() {
|
||||||
// put XMP
|
// put XMP
|
||||||
$xmpobj = $this->_putXMP();
|
$xmpobj = $this->_putXMP();
|
||||||
// if required, add standard sRGB_IEC61966-2.1 blackscaled ICC colour profile
|
// if required, add standard sRGB ICC colour profile
|
||||||
if ($this->pdfa_mode OR $this->force_srgb) {
|
if ($this->pdfa_mode OR $this->force_srgb) {
|
||||||
$iccobj = $this->_newobj();
|
$iccobj = $this->_newobj();
|
||||||
$icc = file_get_contents(dirname(__FILE__).'/include/sRGB.icc');
|
$icc = file_get_contents(dirname(__FILE__).'/include/sRGB.icc');
|
||||||
@ -18818,102 +18817,124 @@ Putting 1 is equivalent to putting 0 and calling Ln() just after. Default value:
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case 'img': {
|
case 'img': {
|
||||||
if (!empty($tag['attribute']['src'])) {
|
if (empty($tag['attribute']['src'])) {
|
||||||
if ($tag['attribute']['src'][0] === '@') {
|
break;
|
||||||
// data stream
|
}
|
||||||
$tag['attribute']['src'] = '@'.base64_decode(substr($tag['attribute']['src'], 1));
|
$imgsrc = $tag['attribute']['src'];
|
||||||
$type = '';
|
if ($imgsrc[0] === '@') {
|
||||||
} else {
|
// data stream
|
||||||
// get image type
|
$imgsrc = '@'.base64_decode(substr($imgsrc, 1));
|
||||||
$type = TCPDF_IMAGES::getImageFileType($tag['attribute']['src']);
|
$type = '';
|
||||||
}
|
} else {
|
||||||
if (!isset($tag['width'])) {
|
if (($imgsrc[0] === '/') AND !empty($_SERVER['DOCUMENT_ROOT']) AND ($_SERVER['DOCUMENT_ROOT'] != '/')) {
|
||||||
$tag['width'] = 0;
|
// fix image path
|
||||||
}
|
$findroot = strpos($imgsrc, $_SERVER['DOCUMENT_ROOT']);
|
||||||
if (!isset($tag['height'])) {
|
if (($findroot === false) OR ($findroot > 1)) {
|
||||||
$tag['height'] = 0;
|
if (substr($_SERVER['DOCUMENT_ROOT'], -1) == '/') {
|
||||||
}
|
$imgsrc = substr($_SERVER['DOCUMENT_ROOT'], 0, -1).$imgsrc;
|
||||||
//if (!isset($tag['attribute']['align'])) {
|
} else {
|
||||||
// the only alignment supported is "bottom"
|
$imgsrc = $_SERVER['DOCUMENT_ROOT'].$imgsrc;
|
||||||
// further development is required for other modes.
|
|
||||||
$tag['attribute']['align'] = 'bottom';
|
|
||||||
//}
|
|
||||||
switch($tag['attribute']['align']) {
|
|
||||||
case 'top': {
|
|
||||||
$align = 'T';
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
case 'middle': {
|
|
||||||
$align = 'M';
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
case 'bottom': {
|
|
||||||
$align = 'B';
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
default: {
|
|
||||||
$align = 'B';
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
$prevy = $this->y;
|
|
||||||
$xpos = $this->x;
|
|
||||||
$imglink = '';
|
|
||||||
if (isset($this->HREF['url']) AND !TCPDF_STATIC::empty_string($this->HREF['url'])) {
|
|
||||||
$imglink = $this->HREF['url'];
|
|
||||||
if ($imglink[0] == '#') {
|
|
||||||
// convert url to internal link
|
|
||||||
$lnkdata = explode(',', $imglink);
|
|
||||||
if (isset($lnkdata[0])) {
|
|
||||||
$page = intval(substr($lnkdata[0], 1));
|
|
||||||
if (empty($page) OR ($page <= 0)) {
|
|
||||||
$page = $this->page;
|
|
||||||
}
|
|
||||||
if (isset($lnkdata[1]) AND (strlen($lnkdata[1]) > 0)) {
|
|
||||||
$lnky = floatval($lnkdata[1]);
|
|
||||||
} else {
|
|
||||||
$lnky = 0;
|
|
||||||
}
|
|
||||||
$imglink = $this->AddLink();
|
|
||||||
$this->SetLink($imglink, $lnky, $page);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
$imgsrc = urldecode($imgsrc);
|
||||||
$border = 0;
|
$testscrtype = @parse_url($imgsrc);
|
||||||
if (isset($tag['border']) AND !empty($tag['border'])) {
|
if (empty($testscrtype['query'])) {
|
||||||
// currently only support 1 (frame) or a combination of 'LTRB'
|
// convert URL to server path
|
||||||
$border = $tag['border'];
|
$imgsrc = str_replace(K_PATH_URL, K_PATH_MAIN, $imgsrc);
|
||||||
}
|
} elseif (preg_match('|^https?://|', $imgsrc) !== 1) {
|
||||||
$iw = '';
|
// convert URL to server path
|
||||||
if (isset($tag['width'])) {
|
$imgsrc = str_replace(K_PATH_MAIN, K_PATH_URL, $imgsrc);
|
||||||
$iw = $this->getHTMLUnitToUnits($tag['width'], ($tag['fontsize'] / $this->k), 'px', false);
|
|
||||||
}
|
|
||||||
$ih = '';
|
|
||||||
if (isset($tag['height'])) {
|
|
||||||
$ih = $this->getHTMLUnitToUnits($tag['height'], ($tag['fontsize'] / $this->k), 'px', false);
|
|
||||||
}
|
|
||||||
if (($type == 'eps') OR ($type == 'ai')) {
|
|
||||||
$this->ImageEps($tag['attribute']['src'], $xpos, $this->y, $iw, $ih, $imglink, true, $align, '', $border, true);
|
|
||||||
} elseif ($type == 'svg') {
|
|
||||||
$this->ImageSVG($tag['attribute']['src'], $xpos, $this->y, $iw, $ih, $imglink, $align, '', $border, true);
|
|
||||||
} else {
|
|
||||||
$this->Image($tag['attribute']['src'], $xpos, $this->y, $iw, $ih, '', $imglink, $align, false, 300, '', false, false, $border, false, false, true);
|
|
||||||
}
|
|
||||||
switch($align) {
|
|
||||||
case 'T': {
|
|
||||||
$this->y = $prevy;
|
|
||||||
break;
|
|
||||||
}
|
}
|
||||||
case 'M': {
|
}
|
||||||
$this->y = (($this->img_rb_y + $prevy - ($this->getCellHeight($tag['fontsize'] / $this->k))) / 2);
|
// get image type
|
||||||
break;
|
$type = TCPDF_IMAGES::getImageFileType($imgsrc);
|
||||||
}
|
}
|
||||||
case 'B': {
|
if (!isset($tag['width'])) {
|
||||||
$this->y = $this->img_rb_y - ($this->getCellHeight($tag['fontsize'] / $this->k) - ($this->getFontDescent($tag['fontname'], $tag['fontstyle'], $tag['fontsize']) * $this->cell_height_ratio));
|
$tag['width'] = 0;
|
||||||
break;
|
}
|
||||||
|
if (!isset($tag['height'])) {
|
||||||
|
$tag['height'] = 0;
|
||||||
|
}
|
||||||
|
//if (!isset($tag['attribute']['align'])) {
|
||||||
|
// the only alignment supported is "bottom"
|
||||||
|
// further development is required for other modes.
|
||||||
|
$tag['attribute']['align'] = 'bottom';
|
||||||
|
//}
|
||||||
|
switch($tag['attribute']['align']) {
|
||||||
|
case 'top': {
|
||||||
|
$align = 'T';
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
case 'middle': {
|
||||||
|
$align = 'M';
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
case 'bottom': {
|
||||||
|
$align = 'B';
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
default: {
|
||||||
|
$align = 'B';
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
$prevy = $this->y;
|
||||||
|
$xpos = $this->x;
|
||||||
|
$imglink = '';
|
||||||
|
if (isset($this->HREF['url']) AND !TCPDF_STATIC::empty_string($this->HREF['url'])) {
|
||||||
|
$imglink = $this->HREF['url'];
|
||||||
|
if ($imglink[0] == '#') {
|
||||||
|
// convert url to internal link
|
||||||
|
$lnkdata = explode(',', $imglink);
|
||||||
|
if (isset($lnkdata[0])) {
|
||||||
|
$page = intval(substr($lnkdata[0], 1));
|
||||||
|
if (empty($page) OR ($page <= 0)) {
|
||||||
|
$page = $this->page;
|
||||||
|
}
|
||||||
|
if (isset($lnkdata[1]) AND (strlen($lnkdata[1]) > 0)) {
|
||||||
|
$lnky = floatval($lnkdata[1]);
|
||||||
|
} else {
|
||||||
|
$lnky = 0;
|
||||||
|
}
|
||||||
|
$imglink = $this->AddLink();
|
||||||
|
$this->SetLink($imglink, $lnky, $page);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
$border = 0;
|
||||||
|
if (isset($tag['border']) AND !empty($tag['border'])) {
|
||||||
|
// currently only support 1 (frame) or a combination of 'LTRB'
|
||||||
|
$border = $tag['border'];
|
||||||
|
}
|
||||||
|
$iw = '';
|
||||||
|
if (isset($tag['width'])) {
|
||||||
|
$iw = $this->getHTMLUnitToUnits($tag['width'], ($tag['fontsize'] / $this->k), 'px', false);
|
||||||
|
}
|
||||||
|
$ih = '';
|
||||||
|
if (isset($tag['height'])) {
|
||||||
|
$ih = $this->getHTMLUnitToUnits($tag['height'], ($tag['fontsize'] / $this->k), 'px', false);
|
||||||
|
}
|
||||||
|
if (($type == 'eps') OR ($type == 'ai')) {
|
||||||
|
$this->ImageEps($imgsrc, $xpos, $this->y, $iw, $ih, $imglink, true, $align, '', $border, true);
|
||||||
|
} elseif ($type == 'svg') {
|
||||||
|
$this->ImageSVG($imgsrc, $xpos, $this->y, $iw, $ih, $imglink, $align, '', $border, true);
|
||||||
|
} else {
|
||||||
|
$this->Image($imgsrc, $xpos, $this->y, $iw, $ih, '', $imglink, $align, false, 300, '', false, false, $border, false, false, true);
|
||||||
|
}
|
||||||
|
switch($align) {
|
||||||
|
case 'T': {
|
||||||
|
$this->y = $prevy;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
case 'M': {
|
||||||
|
$this->y = (($this->img_rb_y + $prevy - ($this->getCellHeight($tag['fontsize'] / $this->k))) / 2);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
case 'B': {
|
||||||
|
$this->y = $this->img_rb_y - ($this->getCellHeight($tag['fontsize'] / $this->k) - ($this->getFontDescent($tag['fontname'], $tag['fontstyle'], $tag['fontsize']) * $this->cell_height_ratio));
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case 'dl': {
|
case 'dl': {
|
||||||
@ -24207,9 +24228,12 @@ Putting 1 is equivalent to putting 0 and calling Ln() just after. Default value:
|
|||||||
}
|
}
|
||||||
$img = urldecode($img);
|
$img = urldecode($img);
|
||||||
$testscrtype = @parse_url($img);
|
$testscrtype = @parse_url($img);
|
||||||
if (!isset($testscrtype['query']) OR empty($testscrtype['query'])) {
|
if (empty($testscrtype['query'])) {
|
||||||
// convert URL to server path
|
// convert URL to server path
|
||||||
$img = str_replace(K_PATH_URL, K_PATH_MAIN, $img);
|
$img = str_replace(K_PATH_URL, K_PATH_MAIN, $img);
|
||||||
|
} elseif (preg_match('|^https?://|', $img) !== 1) {
|
||||||
|
// convert server path to URL
|
||||||
|
$img = str_replace(K_PATH_MAIN, K_PATH_URL, $img);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// get image type
|
// get image type
|
||||||
|
@ -178,7 +178,7 @@ class scan_xml_parser
|
|||||||
/**
|
/**
|
||||||
* The previous stack element
|
* The previous stack element
|
||||||
*
|
*
|
||||||
* @var unknown
|
* @var string
|
||||||
*/
|
*/
|
||||||
var $previous = null;
|
var $previous = null;
|
||||||
|
|
||||||
@ -192,9 +192,9 @@ class scan_xml_parser
|
|||||||
/**
|
/**
|
||||||
* Construct
|
* Construct
|
||||||
*
|
*
|
||||||
* @param unknown $obj_in
|
* @param mixed $obj_in
|
||||||
* @param unknown $ste_id_in
|
* @param int $ste_id_in
|
||||||
* @param unknown $scan_fname
|
* @param string $scan_fname
|
||||||
*/
|
*/
|
||||||
function __construct($obj_in, $ste_id_in, $scan_fname)
|
function __construct($obj_in, $ste_id_in, $scan_fname)
|
||||||
{
|
{
|
||||||
|
101
install-dev.bat
Normal file
101
install-dev.bat
Normal file
@ -0,0 +1,101 @@
|
|||||||
|
@echo off
|
||||||
|
|
||||||
|
REM File: install-dev.bat
|
||||||
|
REM Author: Ryan Prather, Jeff Odegard
|
||||||
|
REM Purpose: Windows / XAMPP Installation Script
|
||||||
|
REM Created: Jan 5, 2015
|
||||||
|
|
||||||
|
REM Portions Copyright 2016-2019: Cyber Perspective, All rights reserved
|
||||||
|
REM Released under the Apache v2.0 License
|
||||||
|
|
||||||
|
REM Portions Copyright (c) 2012-2015, Salient Federal Solutions
|
||||||
|
REM Portions Copyright (c) 2008-2011, Science Applications International Corporation (SAIC)
|
||||||
|
REM Released under Modified BSD License
|
||||||
|
|
||||||
|
REM See license.txt for details
|
||||||
|
|
||||||
|
REM Change Log:
|
||||||
|
REM - Jan 5, 2015 - File created
|
||||||
|
REM - Sep 1, 2016 - Copyright updated, added comments and file header
|
||||||
|
REM - Oct 7, 2016 - Copying Windows / XAMPP config.xml
|
||||||
|
REM - Nov 14, 2016 - Converted xcopy for config file to copy
|
||||||
|
REM - Nov 18, 2016 - Changed file moves to copies, removed deleting existing *.cgi & *.pl script in the CGI_PATH and deleting CONF folder
|
||||||
|
REM - Dec 12, 2016 - Removed pthreads library because it is no longer needed.
|
||||||
|
REM Rename existing Apache, MySQL/mariaDB, and PHP config files to .old before copying hardened files.
|
||||||
|
REM - Dec 13, 2016 - Fixed syntax of the rename command
|
||||||
|
REM - Dec 19, 2016 - Fixed copy syntax for config.xml file
|
||||||
|
REM - Jan 30, 2017 - Fixed error with copy of config-xampp-win.xml to config.xml where it required full path
|
||||||
|
REM - Apr 5, 2017 - Added mkdir for \xampp\php\logs directory (not included when installed)
|
||||||
|
REM - Jun 27, 2017 - Removed copy cgi-bin contents
|
||||||
|
REM - Sep 19, 2018 - Deleting unnecessary C:\xampp\htdocs folder.
|
||||||
|
REM - Oct 3, 2018 - Redirected deletion of htdocs folder to nul
|
||||||
|
REM - Nov 27, 2018 - Added php-dev.ini to conf folder and added prompts to allow for development installation
|
||||||
|
REM - Jan 10, 2019 - broke out the dev installation from install.bat and streamlined the installation process.
|
||||||
|
|
||||||
|
@echo The Sagacity dev configuration installs and enables php xdebug used for troubleshooting and development work.
|
||||||
|
echo.
|
||||||
|
@echo NOTE: The dev configuration will *noticably* impact Sagacity's performance.
|
||||||
|
@echo *** For a production environment, please use install.bat instead! ***
|
||||||
|
@echo.
|
||||||
|
|
||||||
|
@echo For your dev installation we also recommend installing QCacheGrindWin from
|
||||||
|
@echo.
|
||||||
|
@echo https://sourceforge.net/projects/qcachegrindwin/
|
||||||
|
@echo.
|
||||||
|
|
||||||
|
set /p dev="Do you want to install the dev configuration? (y/N) "
|
||||||
|
set result=0
|
||||||
|
if "%dev%"=="Y" (set result=1)
|
||||||
|
if "%dev%"=="y" (set result=1)
|
||||||
|
if "%dev%"=="Yes" (set result=1)
|
||||||
|
if "%dev%"=="YES" (set result=1)
|
||||||
|
if "%dev%"=="yes" (set result=1)
|
||||||
|
|
||||||
|
if "%result%"=="0" (
|
||||||
|
@echo Dev installation aborted.
|
||||||
|
@echo Please use install.bat for a production installation.
|
||||||
|
exit
|
||||||
|
)
|
||||||
|
|
||||||
|
@echo - Create PHP log folder
|
||||||
|
mkdir c:\xampp\php\logs
|
||||||
|
|
||||||
|
@echo - Copy Apache, MySQL/mariaDB, and PHP configuration files
|
||||||
|
@echo - Renaming the original config files to *.old.
|
||||||
|
|
||||||
|
rename c:\xampp\mysql\bin\my.ini my.ini.old
|
||||||
|
copy c:\xampp\www\conf\my.ini c:\xampp\mysql\bin\
|
||||||
|
|
||||||
|
@echo - Installing MySQL service
|
||||||
|
c:\xampp\mysql\bin\mysqld --install mysql --defaults-file="c:\xampp\mysql\bin\my.ini"
|
||||||
|
net start mysql
|
||||||
|
|
||||||
|
rename c:\xampp\apache\conf\httpd.conf httpd.conf.old
|
||||||
|
copy c:\xampp\www\conf\httpd.conf c:\xampp\apache\conf
|
||||||
|
rename c:\xampp\apache\conf\extra\httpd-ssl.conf httpd-ssl.conf.old
|
||||||
|
copy c:\xampp\www\conf\httpd-ssl.conf c:\xampp\apache\conf\extra
|
||||||
|
rename c:\xampp\apache\conf\extra\httpd-xampp.conf httpd-xampp.conf.old
|
||||||
|
copy c:\xampp\www\conf\httpd-xampp.conf c:\xampp\apache\conf\extra
|
||||||
|
rename c:\xampp\php\php.ini php.ini.old
|
||||||
|
|
||||||
|
copy c:\xampp\www\conf\php-dev.ini c:\xampp\php\php.ini
|
||||||
|
copy c:\xampp\www\conf\php_xdebug-2.6.0-7.2-vc15.dll c:\xampp\php\ext\php_xdebug-2.6.0-7.2-vc15.dll
|
||||||
|
|
||||||
|
@echo - Deleting unnecessary C:\xampp\htdocs folder.
|
||||||
|
del /F /S /Q c:\xampp\htdocs 1>nul
|
||||||
|
|
||||||
|
@echo - Installing Apache service
|
||||||
|
c:\xampp\apache\bin\httpd -k install
|
||||||
|
net start apache2.4
|
||||||
|
|
||||||
|
@echo.
|
||||||
|
@echo Thank you for installing Sagacity. We want to know what you think!
|
||||||
|
@echo Please contact us at https://www.cyberperspectives.com/contact_us
|
||||||
|
@echo.
|
||||||
|
@echo If you like this tool, please tell a friend or co-worker!
|
||||||
|
@echo.
|
||||||
|
|
||||||
|
set /p browser="Press enter to continue setup with http://localhost/setup.php"
|
||||||
|
|
||||||
|
start http://localhost
|
||||||
|
|
41
install.bat
41
install.bat
@ -5,7 +5,7 @@
|
|||||||
REM Purpose: Windows / XAMPP Installation Script
|
REM Purpose: Windows / XAMPP Installation Script
|
||||||
REM Created: Jan 5, 2015
|
REM Created: Jan 5, 2015
|
||||||
|
|
||||||
REM Portions Copyright 2016: Cyber Perspective, All rights reserved
|
REM Portions Copyright 2016-2019: Cyber Perspectives, LLC, All rights reserved
|
||||||
REM Released under the Apache v2.0 License
|
REM Released under the Apache v2.0 License
|
||||||
|
|
||||||
REM Portions Copyright (c) 2012-2015, Salient Federal Solutions
|
REM Portions Copyright (c) 2012-2015, Salient Federal Solutions
|
||||||
@ -29,15 +29,21 @@
|
|||||||
REM - Jun 27, 2017 - Removed copy cgi-bin contents
|
REM - Jun 27, 2017 - Removed copy cgi-bin contents
|
||||||
REM - Sep 19, 2018 - Deleting unnecessary C:\xampp\htdocs folder.
|
REM - Sep 19, 2018 - Deleting unnecessary C:\xampp\htdocs folder.
|
||||||
REM - Oct 3, 2018 - Redirected deletion of htdocs folder to nul
|
REM - Oct 3, 2018 - Redirected deletion of htdocs folder to nul
|
||||||
|
REM - Nov 27, 2018 - Added php-dev.ini to conf folder and added prompts to allow for development installation
|
||||||
|
REM - Jan 10, 2019 - Separated the dev installation out into a separate script and streamlined the installation process.
|
||||||
|
|
||||||
|
REM To install the php xdebug development tools, use install-dev.bat
|
||||||
|
|
||||||
|
@echo - Create PHP log folder
|
||||||
mkdir c:\xampp\php\logs
|
mkdir c:\xampp\php\logs
|
||||||
|
|
||||||
echo This is now going to copy configuration files for Apache, MySQL/mariaDB, and PHP after renaming the files to *.old.
|
@echo - Copy Apache, MySQL/mariaDB, and PHP configuration files
|
||||||
|
@echo - Renaming the original config files to *.old.
|
||||||
|
|
||||||
rename c:\xampp\mysql\bin\my.ini my.ini.old
|
rename c:\xampp\mysql\bin\my.ini my.ini.old
|
||||||
copy c:\xampp\www\conf\my.ini c:\xampp\mysql\bin\
|
copy c:\xampp\www\conf\my.ini c:\xampp\mysql\bin\
|
||||||
|
|
||||||
@echo Installing MySQL service
|
@echo - Installing MySQL service
|
||||||
c:\xampp\mysql\bin\mysqld --install mysql --defaults-file="c:\xampp\mysql\bin\my.ini"
|
c:\xampp\mysql\bin\mysqld --install mysql --defaults-file="c:\xampp\mysql\bin\my.ini"
|
||||||
net start mysql
|
net start mysql
|
||||||
|
|
||||||
@ -49,28 +55,23 @@ rename c:\xampp\apache\conf\extra\httpd-xampp.conf httpd-xampp.conf.old
|
|||||||
copy c:\xampp\www\conf\httpd-xampp.conf c:\xampp\apache\conf\extra
|
copy c:\xampp\www\conf\httpd-xampp.conf c:\xampp\apache\conf\extra
|
||||||
rename c:\xampp\php\php.ini php.ini.old
|
rename c:\xampp\php\php.ini php.ini.old
|
||||||
copy c:\xampp\www\conf\php.ini c:\xampp\php
|
copy c:\xampp\www\conf\php.ini c:\xampp\php
|
||||||
|
del c:\xampp\www\conf\php_xdebug-2.6.0-7.2-vc15.dll 1>nul
|
||||||
|
|
||||||
echo Deleting unnecessary C:\xampp\htdocs folder.
|
@echo - Deleting unnecessary C:\xampp\htdocs folder.
|
||||||
del /F /S /Q c:\xampp\htdocs 1>nul
|
del /F /S /Q c:\xampp\htdocs 1>nul
|
||||||
|
|
||||||
@echo Installing Apache service
|
@echo - Installing Apache service
|
||||||
c:\xampp\apache\bin\httpd -k install
|
c:\xampp\apache\bin\httpd -k install
|
||||||
net start apache2.4
|
net start apache2.4
|
||||||
|
|
||||||
echo Thank you for installing Sagacity. We want to know what you think!
|
@echo.
|
||||||
echo Please contact us at https://www.cyberperspectives.com/contact_us
|
@echo Thank you for installing Sagacity. We want to know what you think!
|
||||||
echo.
|
@echo Please contact us at https://www.cyberperspectives.com/contact_us
|
||||||
echo If you like this tool, please tell a friend or co-worker!
|
@echo.
|
||||||
echo.
|
@echo If you like this tool, please tell a friend or co-worker!
|
||||||
set /p browser="Continue setup with http://localhost/setup.php? (Y/n) "
|
@echo.
|
||||||
|
|
||||||
set result=1
|
set /p foo="Press enter to continue setup."
|
||||||
if "%browser%"=="N" (set result=0)
|
|
||||||
if "%browser%"=="n" (set result=0)
|
start http://localhost
|
||||||
if "%browser%"=="no" (set result=0)
|
|
||||||
if "%browser%"=="No" (set result=0)
|
|
||||||
if "%browser%"=="NO" (set result=0)
|
|
||||||
|
|
||||||
if "%result%"=="1" (
|
|
||||||
start http://localhost
|
|
||||||
)
|
|
||||||
|
@ -55,27 +55,21 @@ set_time_limit(120);
|
|||||||
|
|
||||||
$db = new db();
|
$db = new db();
|
||||||
|
|
||||||
$sources = $db->get_Sources();
|
|
||||||
$task_status = $db->get_Task_Statuses();
|
|
||||||
|
|
||||||
$ste_id = filter_input(INPUT_POST, 'ste', FILTER_VALIDATE_INT);
|
$ste_id = filter_input(INPUT_POST, 'ste', FILTER_VALIDATE_INT);
|
||||||
if (!$ste_id) {
|
if (! $ste_id) {
|
||||||
$ste_id = filter_input(INPUT_COOKIE, 'ste', FILTER_VALIDATE_INT);
|
$ste_id = filter_input(INPUT_COOKIE, 'ste', FILTER_VALIDATE_INT);
|
||||||
}
|
}
|
||||||
$status = filter_input(INPUT_POST, 'status', FILTER_SANITIZE_STRING);
|
$status = filter_input(INPUT_POST, 'status', FILTER_SANITIZE_STRING);
|
||||||
$type = filter_input(INPUT_POST, 'type', FILTER_SANITIZE_STRING);
|
$type = filter_input(INPUT_POST, 'type', FILTER_SANITIZE_STRING);
|
||||||
$scans = [];
|
$scans = [];
|
||||||
|
|
||||||
if ($type != 'all' && $status != 'all') {
|
if ($type != 'all' && $status != 'all') {
|
||||||
$scans = $db->get_ScanData($ste_id, null, $status, $type);
|
$scans = $db->get_ScanData($ste_id, null, $status, $type);
|
||||||
}
|
} elseif ($type != 'all') {
|
||||||
elseif ($type != 'all') {
|
|
||||||
$scans = $db->get_ScanData($ste_id, null, null, $type);
|
$scans = $db->get_ScanData($ste_id, null, null, $type);
|
||||||
}
|
} elseif ($status != 'all') {
|
||||||
elseif ($status != 'all') {
|
|
||||||
$scans = $db->get_ScanData($ste_id, null, $status);
|
$scans = $db->get_ScanData($ste_id, null, $status);
|
||||||
}
|
} elseif (isset($ste_id)) {
|
||||||
elseif (isset($ste_id)) {
|
|
||||||
$scans = $db->get_ScanData($ste_id);
|
$scans = $db->get_ScanData($ste_id);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -86,76 +80,81 @@ $stes = $db->get_STE();
|
|||||||
|
|
||||||
<!-- add in page style tags for Results page size -->
|
<!-- add in page style tags for Results page size -->
|
||||||
<style type="text/css">
|
<style type="text/css">
|
||||||
.scan_type {
|
.scan_type {
|
||||||
width: 25px;
|
width: 25px;
|
||||||
}
|
}
|
||||||
|
|
||||||
#importBtn {
|
#importBtn {
|
||||||
margin: auto;
|
margin: auto;
|
||||||
width: 1200px;
|
width: 1200px;
|
||||||
text-align: right;
|
text-align: right;
|
||||||
}
|
}
|
||||||
|
|
||||||
#host_list_frame {
|
#host_list_frame {
|
||||||
width: 100%;
|
width: 100%;
|
||||||
height: 100%;
|
height: 100%;
|
||||||
}
|
}
|
||||||
|
|
||||||
#progress p {
|
#progress p {
|
||||||
width: 1000px;
|
width: 1000px;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Results Management list host button */
|
/* Results Management list host button */
|
||||||
.button-list {
|
.button-list {
|
||||||
display: inline-block;
|
display: inline-block;
|
||||||
outline: 0;
|
outline: 0;
|
||||||
white-space: nowrap;
|
white-space: nowrap;
|
||||||
background: #A4C1DD;
|
background: #A4C1DD;
|
||||||
box-shadow: inset 0px 0px 0px 1px #192364, 0px 2px 3px 0px rgba(0, 0, 0, 0.25);
|
box-shadow: inset 0px 0px 0px 1px #192364, 0px 2px 3px 0px
|
||||||
border: solid 1px #102D5F;
|
rgba(0, 0, 0, 0.25);
|
||||||
border-radius: 6px;
|
border: solid 1px #102D5F;
|
||||||
background-image: -moz-linear-gradient(top, #A4C1DD, #1D57A0);
|
border-radius: 6px;
|
||||||
background-image: -webkit-linear-gradient(top, #A4C1DD, #1D57A0);
|
background-image: -moz-linear-gradient(top, #A4C1DD, #1D57A0);
|
||||||
background-image: -webkit-gradient(linear, 0% 0%, 0% 100%, from(#A4C1DD), to(#1D57A0));
|
background-image: -webkit-linear-gradient(top, #A4C1DD, #1D57A0);
|
||||||
background-image: -ms-linear-gradient(top, #A4C1DD, #1D57A0);
|
background-image: -webkit-gradient(linear, 0% 0%, 0% 100%, from(#A4C1DD),
|
||||||
background-image: -o-linear-gradient(top, #A4C1DD, #1D57A0);
|
to(#1D57A0));
|
||||||
background-image: linear-gradient(top, #A4C1DD, #1D57A0);
|
background-image: -ms-linear-gradient(top, #A4C1DD, #1D57A0);
|
||||||
text-decoration: none;
|
background-image: -o-linear-gradient(top, #A4C1DD, #1D57A0);
|
||||||
text-shadow: -1px -1px 0 rgba(0, 0, 0, 0.5);
|
background-image: linear-gradient(top, #A4C1DD, #1D57A0);
|
||||||
font-size: 12pt;
|
text-decoration: none;
|
||||||
color: #fff;
|
text-shadow: -1px -1px 0 rgba(0, 0, 0, 0.5);
|
||||||
font-family: 'Yanone Kaffeesatz';
|
font-size: 12pt;
|
||||||
width: 70px;
|
color: #fff;
|
||||||
height: 30px;
|
font-family: 'Yanone Kaffeesatz';
|
||||||
}
|
width: 70px;
|
||||||
|
height: 30px;
|
||||||
|
}
|
||||||
|
|
||||||
/* Button mouseover Activity for scan table */
|
/* Button mouseover Activity for scan table */
|
||||||
.mouseover-scan {
|
.mouseover-scan {
|
||||||
background: #E55234;
|
background: #E55234;
|
||||||
box-shadow: inset 0px 0px 0px 1px #F5AC97, 0px 2px 3px 0px rgba(0, 0, 0, 0.25);
|
box-shadow: inset 0px 0px 0px 1px #F5AC97, 0px 2px 3px 0px
|
||||||
border: solid 1px #B72204;
|
rgba(0, 0, 0, 0.25);
|
||||||
border-radius: 6px;
|
border: solid 1px #B72204;
|
||||||
background-image: -moz-linear-gradient(top, #B41D08, #EB6541);
|
border-radius: 6px;
|
||||||
background-image: -webkit-linear-gradient(top, #B41D08, #EB6541);
|
background-image: -moz-linear-gradient(top, #B41D08, #EB6541);
|
||||||
background-image: -webkit-gradient(linear, 0% 0%, 0% 100%, from(#B41D08), to(#EB6541));
|
background-image: -webkit-linear-gradient(top, #B41D08, #EB6541);
|
||||||
background-image: -ms-linear-gradient(top, #B41D08, #EB6541);
|
background-image: -webkit-gradient(linear, 0% 0%, 0% 100%, from(#B41D08),
|
||||||
background-image: -o-linear-gradient(top, #B41D08, #EB6541);
|
to(#EB6541));
|
||||||
background-image: linear-gradient(top, #B41D08, #EB6541);
|
background-image: -ms-linear-gradient(top, #B41D08, #EB6541);
|
||||||
}
|
background-image: -o-linear-gradient(top, #B41D08, #EB6541);
|
||||||
|
background-image: linear-gradient(top, #B41D08, #EB6541);
|
||||||
|
}
|
||||||
|
|
||||||
td span {
|
td span {
|
||||||
display: none;
|
display: none;
|
||||||
}
|
}
|
||||||
|
|
||||||
.checklist_image {
|
.checklist_image {
|
||||||
width: 32px;
|
width: 32px;
|
||||||
vertical-align: middle;
|
vertical-align: middle;
|
||||||
}
|
}
|
||||||
</style>
|
</style>
|
||||||
|
|
||||||
<script type='text/javascript'>
|
<script type='text/javascript'>
|
||||||
var to;
|
var to;
|
||||||
var table;
|
var table;
|
||||||
|
var button;
|
||||||
<?php if (NOTIFICATIONS && file_exists("complete.mp3")) { ?>
|
<?php if (NOTIFICATIONS && file_exists("complete.mp3")) { ?>
|
||||||
var audio = new Audio("complete.mp3");
|
var audio = new Audio("complete.mp3");
|
||||||
<?php } ?>
|
<?php } ?>
|
||||||
@ -211,16 +210,19 @@ $stes = $db->get_STE();
|
|||||||
for (var x in data.results) {
|
for (var x in data.results) {
|
||||||
var kill = '';
|
var kill = '';
|
||||||
var scan_id = data.results[x].scan_id;
|
var scan_id = data.results[x].scan_id;
|
||||||
if ($('#id-' + scan_id).length) {
|
var row = table.row('#id-' + scan_id);
|
||||||
var cur_status = table.cell(table.rows('#id-' + scan_id), 5).data();
|
if(row.length) {
|
||||||
table.cell(table.rows('#id-' + scan_id), 4).data(data.results[x].run_time);
|
var idx = row.index();
|
||||||
table.cell(table.rows('#id-' + scan_id), 5).data(data.results[x].status);
|
tmp = row.data();
|
||||||
table.cell(table.rows('#id-' + scan_id), 6).data("<progress min='0' max='100' value='" + data.results[x].perc_comp + "' title='" + data.results[x].perc_comp + "%'></progress><span>" + data.results[x].perc_comp + "</span>");
|
var cur_status = tmp[5];
|
||||||
|
tmp[4] = data.results[x].run_time;
|
||||||
|
tmp[5] = data.results[x].status;
|
||||||
|
tmp[6] = "<progress min='0' max='100' value='" + data.results[x].perc_comp + "' title='" + data.results[x].perc_comp + "%'></progress><span>" + data.results[x].perc_comp + "</span>";
|
||||||
kill = $('#action-' + scan_id + ' .kill');
|
kill = $('#action-' + scan_id + ' .kill');
|
||||||
if (data.results[x].status === 'RUNNING' && !kill.length) {
|
if (data.results[x].status === 'RUNNING' && !kill.length) {
|
||||||
$('#action-' + scan_id).append("<a class='kill-link' href='kill.php?ste=<?php print $ste_id; ?>&id=" + scan_id + "&pid=" + data.results[x].pid + "' target='_blank'>" +
|
tmp[7] += "<a class='kill-link' href='kill.php?ste=<?php print $ste_id; ?>&id=" + scan_id + "&pid=" + data.results[x].pid + "' target='_blank'>" +
|
||||||
"<img class='kill checklist_image' src='/img/X.png' style='vertical-align:middle;' title='Kill' />" +
|
"<img class='kill checklist_image' src='/img/X.png' style='vertical-align:middle;' title='Kill' />" +
|
||||||
"</a>");
|
"</a>";
|
||||||
}
|
}
|
||||||
else if (cur_status === 'RUNNING' && data.results[x].status === 'COMPLETE') {
|
else if (cur_status === 'RUNNING' && data.results[x].status === 'COMPLETE') {
|
||||||
$('#action-' + scan_id + '.kill-link').remove();
|
$('#action-' + scan_id + '.kill-link').remove();
|
||||||
@ -228,6 +230,7 @@ $stes = $db->get_STE();
|
|||||||
audio.play();
|
audio.play();
|
||||||
<?php } ?>
|
<?php } ?>
|
||||||
}
|
}
|
||||||
|
table.row(idx).invalidate(tmp).draw(false);
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
if ($('#status').val() && $('#type').val()) {
|
if ($('#status').val() && $('#type').val()) {
|
||||||
@ -266,25 +269,23 @@ $stes = $db->get_STE();
|
|||||||
row.append("<td class='dt-body-center' id='action-" + scan_id + "'>" +
|
row.append("<td class='dt-body-center' id='action-" + scan_id + "'>" +
|
||||||
(data.results[x].error ? "<img src='/img/error.png' class='checklist_image' onclick='javascript:List_host(" + scan_id + ");' />" : "") +
|
(data.results[x].error ? "<img src='/img/error.png' class='checklist_image' onclick='javascript:List_host(" + scan_id + ");' />" : "") +
|
||||||
"<a href='javascript:void(0);' title='Host Listing' onclick='javascript:List_host(" + scan_id + ");'><img src='/img/options.png' class='checklist_image' /></a> " +
|
"<a href='javascript:void(0);' title='Host Listing' onclick='javascript:List_host(" + scan_id + ");'><img src='/img/options.png' class='checklist_image' /></a> " +
|
||||||
"<form method='post' action='index.php' onsubmit='return del_scan(this);' style='display:inline;'>" +
|
"<img src='/img/delete.png' class='checklist_image' " +
|
||||||
"<input type='hidden' name='ste' value='<?php print $ste_id ?>' />" +
|
"onclick='scan_id=" + scan_id + ";del_scan($(this));' " +
|
||||||
"<input type='hidden' name='delete_scan' value='" + scan_id + "' />" +
|
"title='Delete a scan file' />"
|
||||||
"<input type='hidden' name='delete_targets' value='0' />" +
|
+ kill
|
||||||
"<input type='image' class='checklist_image' src='/img/delete.png' border='0' alt='Delete' />" +
|
|
||||||
"</form>" + kill
|
|
||||||
);
|
);
|
||||||
table.row.add(row[0]);
|
table.row.add(row[0]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
table.order(table.order()[0]).draw();
|
table.order(table.order()[0]).draw(false);
|
||||||
$('.button-delete,.button-list').mouseover(function () {
|
$('.button-delete,.button-list').mouseover(function () {
|
||||||
$(this).addClass('mouseover-scan');
|
$(this).addClass('mouseover-scan');
|
||||||
});
|
});
|
||||||
$('.button-delete,.button-list').mouseout(function () {
|
$('.button-delete,.button-list').mouseout(function () {
|
||||||
$(this).removeClass('mouseover-scan');
|
$(this).removeClass('mouseover-scan');
|
||||||
});
|
});
|
||||||
if ($('#toggle_refresh').val() === 'Stop Refresh') {
|
if ($('#toggle_refresh').val() === 'Stop Refresh' && (!$('#delete-target-confirm').dialog('isOpen') || !$('#delete-scan-confirm').dialog('isOpen'))) {
|
||||||
to = setTimeout(update_script_status, <?php print UPDATE_FREQ * 1000; ?>);
|
to = setTimeout(update_script_status, <?php print UPDATE_FREQ * 1000; ?>);
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
@ -296,8 +297,7 @@ $stes = $db->get_STE();
|
|||||||
dataType: 'json',
|
dataType: 'json',
|
||||||
//timeout: 5000,
|
//timeout: 5000,
|
||||||
method: 'post'
|
method: 'post'
|
||||||
}
|
});
|
||||||
);
|
|
||||||
}
|
}
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
@ -329,8 +329,8 @@ $stes = $db->get_STE();
|
|||||||
<form method="post" action="index.php">
|
<form method="post" action="index.php">
|
||||||
ST&E Name:
|
ST&E Name:
|
||||||
<select name='ste' style='width: 400px;' id="ste"
|
<select name='ste' style='width: 400px;' id="ste"
|
||||||
onchange="setCookie('ste', this.value);this.form.submit();">
|
onchange="setCookie('ste', this.value);this.form.submit();">
|
||||||
<option value='0'> -- Please Select an ST&E -- </option>
|
<option value='0'>-- Please Select an ST&E --</option>
|
||||||
<?php
|
<?php
|
||||||
if (is_array($stes) && count($stes)) {
|
if (is_array($stes) && count($stes)) {
|
||||||
foreach ($stes as $ste) {
|
foreach ($stes as $ste) {
|
||||||
@ -348,23 +348,26 @@ $stes = $db->get_STE();
|
|||||||
</div>
|
</div>
|
||||||
<div id="importBtn">
|
<div id="importBtn">
|
||||||
<!-- Results tab Import Button -->
|
<!-- Results tab Import Button -->
|
||||||
<input type='button' class="button" value='Stop Refresh'
|
<input type='button' class="button"
|
||||||
id="toggle_refresh" onclick="javascript:toggle_refresh();" />
|
value='Stop Refresh' id="toggle_refresh"
|
||||||
<input type='button' class='button' value='Import'
|
onclick="javascript:toggle_refresh();" />
|
||||||
onclick="javascript:add_import();" />
|
<input type='button' class='button'
|
||||||
|
value='Import'
|
||||||
|
onclick="javascript:add_import();" />
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div style='margin:20px auto auto auto;width:1200px;'>
|
<div style='margin: 20px auto auto auto; width: 1200px;'>
|
||||||
<table id="results-table" class='display compact hover' data-order='[[ 3, "desc" ]]' data-page-length='25'>
|
<table id="results-table" class='display compact hover'
|
||||||
|
data-page-length='25'>
|
||||||
<thead>
|
<thead>
|
||||||
<tr>
|
<tr>
|
||||||
<th style='width:325px;'>Name</th>
|
<th style='width: 325px;'>Name</th>
|
||||||
<th style='width:75px;'>Date</th>
|
<th style='width: 75px;'>Date</th>
|
||||||
<th style='width:65px;'>
|
<th style='width: 65px;'>
|
||||||
<select id='type' style='width:60px;'>
|
<select id='type' style='width: 60px;'>
|
||||||
<option value=''>TYPE</option>
|
<option value=''>TYPE</option>
|
||||||
<option>Data Collection</option>
|
<option>Data Collection</option>
|
||||||
<option>eChecklist</option>
|
<option>eChecklist</option>
|
||||||
@ -379,10 +382,10 @@ $stes = $db->get_STE();
|
|||||||
<option>STIG Viewer</option>
|
<option>STIG Viewer</option>
|
||||||
</select>
|
</select>
|
||||||
</th>
|
</th>
|
||||||
<th style='width:65px;'>Start</th>
|
<th style='width: 65px;'>Start</th>
|
||||||
<th>Running</th>
|
<th>Running</th>
|
||||||
<th style='width:80px;'>
|
<th style='width: 80px;'>
|
||||||
<select id='status' style='width:75px;'>
|
<select id='status' style='width: 75px;'>
|
||||||
<option value=''>STATUS</option>
|
<option value=''>STATUS</option>
|
||||||
<option>IN QUEUE</option>
|
<option>IN QUEUE</option>
|
||||||
<option>RUNNING</option>
|
<option>RUNNING</option>
|
||||||
@ -393,8 +396,11 @@ $stes = $db->get_STE();
|
|||||||
</th>
|
</th>
|
||||||
<th>% Comp</th>
|
<th>% Comp</th>
|
||||||
<th>Action
|
<th>Action
|
||||||
<a href="kill.php?pid=*&ste=<?php print (isset($ste_id) ? $ste_id : '0'); ?>" target='_new'>
|
<a href="kill.php?pid=*&ste=<?php print (isset($ste_id) ? $ste_id : '0'); ?>"
|
||||||
<img src='/img/X.png' class='checklist_image' style='vertical-align:middle;' title='Kill and Remove All' />
|
target='_new'>
|
||||||
|
<img src='/img/X.png' class='checklist_image'
|
||||||
|
style='vertical-align: middle;'
|
||||||
|
title='Kill and Remove All' />
|
||||||
</a>
|
</a>
|
||||||
</th>
|
</th>
|
||||||
</tr>
|
</tr>
|
||||||
@ -406,36 +412,45 @@ $stes = $db->get_STE();
|
|||||||
$diff = $scan->get_Last_Update()->diff($scan->get_Start_Time());
|
$diff = $scan->get_Last_Update()->diff($scan->get_Start_Time());
|
||||||
|
|
||||||
?>
|
?>
|
||||||
<tr id='<?php print "id-{$scan->get_ID()}"; ?>'>
|
<tr id='<?php print "id-{$scan->get_ID()}"; ?>'>
|
||||||
<td title='<?php print $scan->get_Notes(); ?>'><?php print $scan->get_File_Name(); ?></td>
|
<td title='<?php print $scan->get_Notes(); ?>'><?php print $scan->get_File_Name(); ?></td>
|
||||||
<td><?php print $scan->get_File_DateTime()->format("Y-m-d"); ?></td>
|
<td><?php print $scan->get_File_DateTime()->format("Y-m-d"); ?></td>
|
||||||
<td class='dt-body-center'>
|
<td class='dt-body-center'>
|
||||||
<img class='scan_type' src='/img/scan_types/<?php print $scan->get_Source()->get_Icon(); ?>' title='<?php print $scan->get_Source()->get_Name(); ?>' /><br />
|
<img class='scan_type' src='/img/scan_types/<?php print $scan->get_Source()->get_Icon(); ?>'
|
||||||
<span><?php print $scan->get_Source()->get_Name(); ?></span>
|
title='<?php print $scan->get_Source()->get_Name(); ?>' /><br />
|
||||||
</td>
|
<span><?php print $scan->get_Source()->get_Name(); ?></span>
|
||||||
<td><?php print $scan->get_Start_Time()->format("y-m-d H:i:s"); ?></td>
|
</td>
|
||||||
<td><?php print (!is_null($diff) ? $diff->format("%H:%I:%S") : ""); ?></td>
|
<td><?php print $scan->get_Start_Time()->format("y-m-d H:i:s"); ?></td>
|
||||||
<td><?php print $scan->get_Status(); ?></td>
|
<td><?php print (!is_null($diff) ? $diff->format("%H:%I:%S") : ""); ?></td>
|
||||||
<td>
|
<td><?php print $scan->get_Status(); ?></td>
|
||||||
<progress min='0' max='100' value='<?php print $scan->get_Percentage_Complete(); ?>' title='<?php print $scan->get_Percentage_Complete(); ?>%'></progress>
|
<td>
|
||||||
<span><?php print $scan->get_Percentage_Complete(); ?></span>
|
<progress min='0' max='100'
|
||||||
</td>
|
value='<?php print $scan->get_Percentage_Complete(); ?>'
|
||||||
<td class='dt-body-center' id="action-<?php print $scan->get_ID(); ?>">
|
title='<?php print $scan->get_Percentage_Complete(); ?>%'></progress>
|
||||||
<?php if ($scan->isScanError()) { ?>
|
<span><?php print $scan->get_Percentage_Complete(); ?></span>
|
||||||
<img src='/img/error.png' class='checklist_image' onclick='javascript:List_host(<?php print $scan->get_ID(); ?>);' />
|
</td>
|
||||||
<?php } ?>
|
<td class='dt-body-center' id="action-<?php print $scan->get_ID(); ?>">
|
||||||
<a href='javascript:void(0);' title='Host Listing' onclick='javascript:List_host(<?php print $scan->get_ID(); ?>);'>
|
<?php if ($scan->isScanError()) { ?>
|
||||||
<img src='/img/options.png' class='checklist_image' title='See what hosts are on this target' />
|
<img src='/img/error.png' class='checklist_image'
|
||||||
</a>
|
onclick='javascript:List_host(<?php print $scan->get_ID(); ?>);' />
|
||||||
|
<?php } ?>
|
||||||
<img src='/img/delete.png' class='checklist_image' onclick='scan_id =<?php print $scan->get_ID(); ?>;del_scan();' title='Delete a scan file' />
|
<a href='javascript:void(0);' title='Host Listing'
|
||||||
<?php if ($scan->get_Status() == 'RUNNING') { ?>
|
onclick='javascript:List_host(<?php print $scan->get_ID(); ?>);'>
|
||||||
<a class='kill-link' href='kill.php?<?php print "ste={$ste_id}&id={$scan->get_ID()}&pid={$scan->get_PID()}"; ?>' target='_blank'>
|
<img src='/img/options.png' class='checklist_image'
|
||||||
<img src='/img/X.png' class='kill checklist_image' style='vertical-align:middle;' title='Kill' />
|
title='See what hosts are on this target' />
|
||||||
</a>
|
</a>
|
||||||
<?php } ?>
|
<img src='/img/delete.png' class='checklist_image'
|
||||||
</td>
|
onclick='scan_id=<?php print $scan->get_ID(); ?>;del_scan($(this));'
|
||||||
</tr>
|
title='Delete a scan file' />
|
||||||
|
<?php if ($scan->get_Status() == 'RUNNING') { ?>
|
||||||
|
<a class='kill-link' target='_blank'
|
||||||
|
href='kill.php?<?php print "ste={$ste_id}&id={$scan->get_ID()}&pid={$scan->get_PID()}"; ?>'>
|
||||||
|
<img src='/img/X.png' class='kill checklist_image'
|
||||||
|
style='vertical-align: middle;' title='Kill' />
|
||||||
|
</a>
|
||||||
|
<?php } ?>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
<?php
|
<?php
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -460,6 +475,18 @@ $stes = $db->get_STE();
|
|||||||
$(this).removeClass('mouseover-scan');
|
$(this).removeClass('mouseover-scan');
|
||||||
});
|
});
|
||||||
|
|
||||||
|
$('#delete-target-confirm').on('dialogclose', function(e) {
|
||||||
|
if ($('#toggle_refresh').val() === 'Stop Refresh' && !$('#delete-scan-confirm').dialog('isOpen')) {
|
||||||
|
to = setTimeout(update_script_status, <?php print UPDATE_FREQ * 1000; ?>);
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
$('#delete-scan-confirm').on('dialogclose', function(e) {
|
||||||
|
if ($('#toggle_refresh').val() === 'Stop Refresh') {
|
||||||
|
to = setTimeout(update_script_status, <?php print UPDATE_FREQ * 1000; ?>);
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
$('#delete-target-confirm').dialog({
|
$('#delete-target-confirm').dialog({
|
||||||
autoOpen: false,
|
autoOpen: false,
|
||||||
resizable: false,
|
resizable: false,
|
||||||
@ -473,9 +500,13 @@ $stes = $db->get_STE();
|
|||||||
$(this).dialog('close');
|
$(this).dialog('close');
|
||||||
},
|
},
|
||||||
'No': function () {
|
'No': function () {
|
||||||
|
delete_targets = false;
|
||||||
$('#delete-scan-confirm').dialog('open');
|
$('#delete-scan-confirm').dialog('open');
|
||||||
$(this).dialog('close');
|
$(this).dialog('close');
|
||||||
}
|
}
|
||||||
|
},
|
||||||
|
open: function() {
|
||||||
|
$(this).parent().find('.ui-dialog-buttonpane button:eq(1)').focus();
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
@ -499,7 +530,7 @@ $stes = $db->get_STE();
|
|||||||
alert(data.error);
|
alert(data.error);
|
||||||
}
|
}
|
||||||
else if (data.success) {
|
else if (data.success) {
|
||||||
//alert(data.success);
|
table.row($(button).closest('tr').index()).remove().draw();
|
||||||
$('#id-' + scan_id).remove();
|
$('#id-' + scan_id).remove();
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
@ -509,29 +540,47 @@ $stes = $db->get_STE();
|
|||||||
dataType: 'json',
|
dataType: 'json',
|
||||||
method: 'post'
|
method: 'post'
|
||||||
});
|
});
|
||||||
if ($('#toggle_refresh').val() === 'Stop Refresh') {
|
|
||||||
to = setTimeout(update_script_status, <?php print UPDATE_FREQ * 1000; ?>);
|
|
||||||
}
|
|
||||||
$(this).dialog('close');
|
$(this).dialog('close');
|
||||||
},
|
},
|
||||||
Cancel: function () {
|
Cancel: function () {
|
||||||
$(this).dialog('close');
|
$(this).dialog('close');
|
||||||
if ($('#toggle_refresh').val() === 'Stop Refresh') {
|
|
||||||
to = setTimeout(update_script_status, <?php print UPDATE_FREQ * 1000; ?>);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
},
|
||||||
|
open: function() {
|
||||||
|
$(this).parent().find('.ui-dialog-buttonpane button:eq(1)').focus();
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
function del_scan(pressed_button) {
|
||||||
|
if ($('#toggle_refresh').val() == 'Stop Refresh') {
|
||||||
|
clearTimeout(to);
|
||||||
|
to = null;
|
||||||
|
}
|
||||||
|
button = pressed_button;
|
||||||
|
$('#delete-target-confirm').dialog('open');
|
||||||
|
}
|
||||||
</script>
|
</script>
|
||||||
|
|
||||||
<div id='delete-target-confirm' title='Delete associated targets?'>
|
<div id='delete-target-confirm' title='Delete associated targets?'>
|
||||||
<p><span class='ui-icon ui-icon-alert' style='float:left;margin:12px 12px 20px 0;'></span> Do you want to delete the associated targets?</p><br />
|
<p>
|
||||||
<p>WARNING: This will delete ALL targets in this scan and all associated data even if it was imported from another scan. This action is irreversible</p>
|
<span class='ui-icon ui-icon-alert'
|
||||||
|
style='float: left; margin: 12px 12px 20px 0;'></span> Do
|
||||||
|
you want to delete the associated targets?
|
||||||
|
</p>
|
||||||
|
<br />
|
||||||
|
<p>WARNING: This will delete ALL targets in this scan and all
|
||||||
|
associated data even if it was imported from another scan. This
|
||||||
|
action is irreversible</p>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div id='delete-scan-confirm' title='Delete this scan?'>
|
<div id='delete-scan-confirm' title='Delete this scan?'>
|
||||||
<p><span class='ui-icon ui-icon-alert' style='float:left;margin:12px 12px 20px 0;'></span> Are you sure you want to delete this scan?</p>
|
<p>
|
||||||
|
<span class='ui-icon ui-icon-alert'
|
||||||
|
style='float: left; margin: 12px 12px 20px 0;'></span> Are
|
||||||
|
you sure you want to delete this scan?
|
||||||
|
</p>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<!-- code for list button -->
|
<!-- code for list button -->
|
||||||
|
@ -66,11 +66,3 @@ function add_import() {
|
|||||||
$('#import').css('display', 'block');
|
$('#import').css('display', 'block');
|
||||||
view_box();
|
view_box();
|
||||||
}
|
}
|
||||||
|
|
||||||
function del_scan(form) {
|
|
||||||
if ($('#toggle_refresh').val() == 'Stop Refresh') {
|
|
||||||
clearTimeout(to);
|
|
||||||
to = null;
|
|
||||||
}
|
|
||||||
$('#delete-target-confirm').dialog('open');
|
|
||||||
}
|
|
||||||
|
4
results/results_script.min.js
vendored
4
results/results_script.min.js
vendored
@ -1,2 +1,2 @@
|
|||||||
|
$(function(){$(".close, .backdrop").click(function(){close_box();});});function List_host(scan_id){$("#host_list_frame").attr("src","host_list_iframe.php?ste="+$("#ste").val()+"&scan_id="+scan_id);$("#host_list_div").animate({"opacity":"1.00"},300,"linear");$("#host_list_div").css("display","block");view_box();}function close_box(){$(".backdrop, .box").animate({"opacity":"0"},300,"linear",function(){$(".backdrop, .box").css("display","none");});$(".dz-complete").remove();$(".dz-message").show();}function view_box(){$(".backdrop").animate({"opacity":".5"},300,"linear");
|
||||||
$(function(){$(".close, .backdrop").click(function(){close_box()})});function List_host(a){$("#host_list_frame").attr("src","host_list_iframe.php?ste="+$("#ste").val()+"&scan_id="+a);$("#host_list_div").animate({opacity:"1.00"},300,"linear");$("#host_list_div").css("display","block");view_box()}function close_box(){$(".backdrop, .box").animate({opacity:"0"},300,"linear",function(){$(".backdrop, .box").css("display","none")});$(".dz-complete").remove();$(".dz-message").show()}function view_box(){$(".backdrop").animate({opacity:".5"},300,"linear");$(".backdrop").css("display","block")}function add_import(){if($("#ste").val()<1){alert("Please select an ST&E");return}$("#add_import").val($("#ste").val());$("#import").animate({opacity:"1.00"},300,"linear");$("#import").css("display","block");view_box()}function del_scan(a){if($("#toggle_refresh").val()=="Stop Refresh"){clearTimeout(to);to=null}$("#delete-target-confirm").dialog("open")};
|
$(".backdrop").css("display","block");}function add_import(){if($("#ste").val()<1){alert("Please select an ST&E");return;}$("#add_import").val($("#ste").val());$("#import").animate({"opacity":"1.00"},300,"linear");$("#import").css("display","block");view_box();}
|
20
setup.php
20
setup.php
@ -70,14 +70,15 @@ EOO;
|
|||||||
$fail = true;
|
$fail = true;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$algorithms = ["AES-256-CBC-HMAC-SHA256", "AES-256-CBC-HMAC-SHA1", "AES-256-CBC"];
|
$algorithms = ["aes-256-cbc-hmac-sha256", "aec-256-cbc-hmac-sha1", "aes-256-cbc"];
|
||||||
if (in_array($algorithms[0], openssl_get_cipher_methods())) {
|
$ciphers = array_map('strtolower', openssl_get_cipher_methods());
|
||||||
|
if (in_array($algorithms[0], $ciphers)) {
|
||||||
$idx = 0;
|
$idx = 0;
|
||||||
}
|
}
|
||||||
elseif (in_array($algorithms[1], openssl_get_cipher_methods())) {
|
elseif (in_array($algorithms[1], $ciphers)) {
|
||||||
$idx = 1;
|
$idx = 1;
|
||||||
}
|
}
|
||||||
elseif (in_array($algorithms[2], openssl_get_cipher_methods())) {
|
elseif (in_array($algorithms[2], $ciphers)) {
|
||||||
$idx = 2;
|
$idx = 2;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
@ -112,7 +113,7 @@ EOO;
|
|||||||
|
|
||||||
if (!class_exists('ZipArchive')) {
|
if (!class_exists('ZipArchive')) {
|
||||||
print <<<EOO
|
print <<<EOO
|
||||||
The PHP ZipArchive moduel is not installed or enabled.<br />
|
The PHP ZipArchive module is not installed or enabled.<br />
|
||||||
Visit <a href='/?phpinfo=1'>PHPInfo</a> to double-check this.<br /><br />
|
Visit <a href='/?phpinfo=1'>PHPInfo</a> to double-check this.<br /><br />
|
||||||
EOO;
|
EOO;
|
||||||
$fail = true;
|
$fail = true;
|
||||||
@ -127,7 +128,7 @@ EOO;
|
|||||||
}
|
}
|
||||||
elseif (strtolower(substr(PHP_OS, 0, 3)) == 'win') {
|
elseif (strtolower(substr(PHP_OS, 0, 3)) == 'win') {
|
||||||
try {
|
try {
|
||||||
$com = new COM("WScript.Shell");
|
new COM("WScript.Shell");
|
||||||
}
|
}
|
||||||
catch (Exception $e) {
|
catch (Exception $e) {
|
||||||
print <<<EOO
|
print <<<EOO
|
||||||
@ -170,7 +171,6 @@ EOO;
|
|||||||
$fail = true;
|
$fail = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
$match = [];
|
|
||||||
$mem_limit = return_bytes(ini_get("memory_limit"));
|
$mem_limit = return_bytes(ini_get("memory_limit"));
|
||||||
$gig = return_bytes('1G');
|
$gig = return_bytes('1G');
|
||||||
if ($mem_limit < $gig) {
|
if ($mem_limit < $gig) {
|
||||||
@ -347,10 +347,10 @@ EOL;
|
|||||||
|
|
||||||
switch ($step) {
|
switch ($step) {
|
||||||
case 2:
|
case 2:
|
||||||
print " $('#tabs').tabs('disable', 1);" . PHP_EOL;
|
print "$('#tabs').tabs('disable', 1);" . PHP_EOL;
|
||||||
case 1:
|
case 1:
|
||||||
print " $('#tabs').tabs('disable', 0);" . PHP_EOL;
|
print "$('#tabs').tabs('disable', 0);" . PHP_EOL;
|
||||||
print " setTimeout(function(){enable_next(current_step);}, 3000);" . PHP_EOL;
|
print "setTimeout(function(){enable_next(current_step);}, 3000);" . PHP_EOL;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -334,8 +334,6 @@ include_once 'header.inc';
|
|||||||
<li>Click the Save button</li>
|
<li>Click the Save button</li>
|
||||||
</ol>
|
</ol>
|
||||||
|
|
||||||
<input type='button' name='update_bulk' value='Save' onclick='validate_bulk();' />
|
|
||||||
|
|
||||||
<table>
|
<table>
|
||||||
<tbody>
|
<tbody>
|
||||||
<tr>
|
<tr>
|
||||||
@ -415,7 +413,7 @@ include_once 'header.inc';
|
|||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<th title='Select to change' style='vertical-align:bottom;'>
|
<th title='Select to change' style='vertical-align:bottom;'>
|
||||||
Checklists:<br />
|
Checklists:<br /><span style='font-size: 10pt;'>(control + click to select multiple)</span><br />
|
||||||
<input type='text' name='chk_filter' id='chk_filter' placeholder="Filter..." onkeyup="javascript:filter_checklists($('#hide_old').is(':checked'));" style='width:132px;' /><br />
|
<input type='text' name='chk_filter' id='chk_filter' placeholder="Filter..." onkeyup="javascript:filter_checklists($('#hide_old').is(':checked'));" style='width:132px;' /><br />
|
||||||
Remove Existing Checklists:
|
Remove Existing Checklists:
|
||||||
<input type='checkbox' name='remove_existing' value='1' />
|
<input type='checkbox' name='remove_existing' value='1' />
|
||||||
@ -424,8 +422,9 @@ include_once 'header.inc';
|
|||||||
<select name='checklists[]' class='checklists' id="checklists" multiple='multiple'>
|
<select name='checklists[]' class='checklists' id="checklists" multiple='multiple'>
|
||||||
<?php
|
<?php
|
||||||
$all_chks = $db->get_Checklist();
|
$all_chks = $db->get_Checklist();
|
||||||
foreach ($all_chks as $key => $chk):print $chk->print_Option();
|
/** @var checklist $chk */
|
||||||
endforeach;
|
foreach ($all_chks as $chk)
|
||||||
|
print $chk->print_Option();
|
||||||
?>
|
?>
|
||||||
</select>
|
</select>
|
||||||
</td>
|
</td>
|
||||||
@ -439,6 +438,8 @@ include_once 'header.inc';
|
|||||||
</tbody>
|
</tbody>
|
||||||
</table>
|
</table>
|
||||||
|
|
||||||
|
<input type='button' name='update_bulk' value='Save' onclick='validate_bulk();' />
|
||||||
|
|
||||||
<table class=''>
|
<table class=''>
|
||||||
<thead>
|
<thead>
|
||||||
<tr>
|
<tr>
|
||||||
|
@ -29,6 +29,7 @@
|
|||||||
* fixed invalid function call to stringFromColumnIndex as it was moved to a different class and changed to 1-based instead of 0-based,
|
* fixed invalid function call to stringFromColumnIndex as it was moved to a different class and changed to 1-based instead of 0-based,
|
||||||
* syntax updates, updated PDF writer to Tcpdf class, added die if constant ECHECKLIST_FORMAT is not set as expected
|
* syntax updates, updated PDF writer to Tcpdf class, added die if constant ECHECKLIST_FORMAT is not set as expected
|
||||||
* - Jan 15, 2018 - Formatting, updated use statements, not seeing behavior explained in #373
|
* - Jan 15, 2018 - Formatting, updated use statements, not seeing behavior explained in #373
|
||||||
|
* - Nov 8, 2018 - Minor change to OS listing and added add_cell_comment method to migrate scanner notes to a comment instead of the main note (separating the scanner and anaylst comments)
|
||||||
*/
|
*/
|
||||||
include_once 'config.inc';
|
include_once 'config.inc';
|
||||||
include_once 'database.inc';
|
include_once 'database.inc';
|
||||||
@ -43,9 +44,12 @@ use PhpOffice\PhpSpreadsheet\Writer\Ods;
|
|||||||
use PhpOffice\PhpSpreadsheet\Writer\Csv;
|
use PhpOffice\PhpSpreadsheet\Writer\Csv;
|
||||||
use PhpOffice\PhpSpreadsheet\Writer\Html;
|
use PhpOffice\PhpSpreadsheet\Writer\Html;
|
||||||
use PhpOffice\PhpSpreadsheet\Cell\Coordinate;
|
use PhpOffice\PhpSpreadsheet\Cell\Coordinate;
|
||||||
|
use PhpOffice\PhpSpreadsheet\Worksheet;
|
||||||
use Monolog\Logger;
|
use Monolog\Logger;
|
||||||
use Monolog\Handler\StreamHandler;
|
use Monolog\Handler\StreamHandler;
|
||||||
|
|
||||||
|
global $conditions, $validation, $borders;
|
||||||
|
|
||||||
set_time_limit(0);
|
set_time_limit(0);
|
||||||
$db = new db();
|
$db = new db();
|
||||||
$emass_ccis = null;
|
$emass_ccis = null;
|
||||||
@ -137,7 +141,6 @@ $host_status = array(
|
|||||||
foreach ($findings as $worksheet_name => $data) {
|
foreach ($findings as $worksheet_name => $data) {
|
||||||
$log->debug("Looping through worksheet $worksheet_name");
|
$log->debug("Looping through worksheet $worksheet_name");
|
||||||
$chk_arr = [];
|
$chk_arr = [];
|
||||||
$named_range = '';
|
|
||||||
|
|
||||||
// Build the "Checklist" cell string with titles of all checklists on this worksheet
|
// Build the "Checklist" cell string with titles of all checklists on this worksheet
|
||||||
foreach ($data['checklists'] as $key => $chk_id) {
|
foreach ($data['checklists'] as $key => $chk_id) {
|
||||||
@ -263,7 +266,7 @@ foreach ($findings as $worksheet_name => $data) {
|
|||||||
$row++;
|
$row++;
|
||||||
}
|
}
|
||||||
|
|
||||||
$sheet->setDataValidation("{$col}11:{$col}{$row}", clone $validation['host_status']);
|
$sheet->setDataValidation("F11:{$last_tgt_col}{$row}", clone $validation['host_status']);
|
||||||
$log->debug("Set data validation for target $host_name");
|
$log->debug("Set data validation for target $host_name");
|
||||||
|
|
||||||
$log->debug("Completed STIG parsing");
|
$log->debug("Completed STIG parsing");
|
||||||
@ -296,6 +299,7 @@ foreach ($findings as $worksheet_name => $data) {
|
|||||||
->applyFromArray($borders);
|
->applyFromArray($borders);
|
||||||
$sheet->freezePane("A11");
|
$sheet->freezePane("A11");
|
||||||
$sheet->setAutoFilter("A10:{$sheet->getHighestDataColumn()}10");
|
$sheet->setAutoFilter("A10:{$sheet->getHighestDataColumn()}10");
|
||||||
|
$sheet->protectCellsByColumnAndRow(1, 11, 5, $sheet->getHighestDataRow(), "sagacity");
|
||||||
|
|
||||||
updateHostHeader($sheet, $data['target_list'], $db);
|
updateHostHeader($sheet, $data['target_list'], $db);
|
||||||
|
|
||||||
@ -354,7 +358,7 @@ $log->debug("Writing complete");
|
|||||||
/**
|
/**
|
||||||
* Update the header on the worksheet
|
* Update the header on the worksheet
|
||||||
*
|
*
|
||||||
* @param \PhpOffice\PhpSpreadsheet\Worksheet $sheet
|
* @param Worksheet $sheet
|
||||||
* @param array:integer $tgts
|
* @param array:integer $tgts
|
||||||
* @param db $db
|
* @param db $db
|
||||||
*/
|
*/
|
||||||
@ -375,9 +379,10 @@ function updateHostHeader($sheet, $tgts, &$db) {
|
|||||||
foreach ($tgts as $tgt_name => $col_id) {
|
foreach ($tgts as $tgt_name => $col_id) {
|
||||||
$log->notice("tgt_name: $tgt_name\tcol_id: $col_id");
|
$log->notice("tgt_name: $tgt_name\tcol_id: $col_id");
|
||||||
$tgt = $db->get_Target_Details($ste_id, $tgt_name)[0];
|
$tgt = $db->get_Target_Details($ste_id, $tgt_name)[0];
|
||||||
|
/** @var software $os */
|
||||||
$os = $db->get_Software($tgt->get_OS_ID())[0];
|
$os = $db->get_Software($tgt->get_OS_ID())[0];
|
||||||
|
|
||||||
$oses[] = "{$os->man} {$os->name} {$os->ver}";
|
$oses[] = $os->get_SW_String();
|
||||||
$host_names[] = $tgt->get_Name();
|
$host_names[] = $tgt->get_Name();
|
||||||
|
|
||||||
if (is_array($tgt->interfaces) && count($tgt->interfaces)) {
|
if (is_array($tgt->interfaces) && count($tgt->interfaces)) {
|
||||||
@ -503,3 +508,27 @@ function deduplicateString($str)
|
|||||||
|
|
||||||
return $ret;
|
return $ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Method to add a comment to a particular cell
|
||||||
|
*
|
||||||
|
* @param PhpOffice\PhpSpreadsheet\Worksheet\Worksheet $sheet
|
||||||
|
* @param string $cell
|
||||||
|
* @param string $note
|
||||||
|
*/
|
||||||
|
function add_cell_comment(&$sheet, $cell, $note)
|
||||||
|
{
|
||||||
|
$sheet->getActiveSheet()
|
||||||
|
->getComment($cell)
|
||||||
|
->setAuthor(CREATOR);
|
||||||
|
$commentRichText = $sheet->getActiveSheet()
|
||||||
|
->getComment($cell)
|
||||||
|
->getText()->createTextRun('Scanner Notes:');
|
||||||
|
$commentRichText->getFont()->setBold(true);
|
||||||
|
$sheet->getActiveSheet()
|
||||||
|
->getComment($cell)
|
||||||
|
->getText()->createTextRun("\r\n");
|
||||||
|
$sheet->getActiveSheet()
|
||||||
|
->getComment($cell)
|
||||||
|
->getText()->createTextRun($note);
|
||||||
|
}
|
||||||
|
@ -326,6 +326,10 @@ include_once 'header.inc';
|
|||||||
#loading {
|
#loading {
|
||||||
display: none;
|
display: none;
|
||||||
}
|
}
|
||||||
|
.dz-image img {
|
||||||
|
width: 100%;
|
||||||
|
height: 100%;
|
||||||
|
}
|
||||||
</style>
|
</style>
|
||||||
|
|
||||||
<div id='wrapper'>
|
<div id='wrapper'>
|
||||||
@ -468,20 +472,11 @@ include_once 'header.inc';
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @var ste_cat $cat
|
||||||
|
*/
|
||||||
foreach ($cats as $cat) {
|
foreach ($cats as $cat) {
|
||||||
$nr = $db->get_Finding_Count_By_Status($cat->get_ID(), "Not Reviewed");
|
print $cat->get_Table_Row();
|
||||||
$na = $db->get_Finding_Count_By_Status($cat->get_ID(), "Not Applicable");
|
|
||||||
$nf = $db->get_Finding_Count_By_Status($cat->get_ID(), "Not a Finding");
|
|
||||||
$open = $db->get_Finding_Count_By_Status($cat->get_ID(), "Open");
|
|
||||||
|
|
||||||
$count = $db->get_STE_Cat_TGT_Count($cat->get_ID());
|
|
||||||
|
|
||||||
print $cat->get_Table_Row($count, [
|
|
||||||
"open" => $open,
|
|
||||||
"nf" => $nf,
|
|
||||||
"na" => $na,
|
|
||||||
"nr" => $nr
|
|
||||||
]);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
@ -568,39 +563,49 @@ include_once 'header.inc';
|
|||||||
<link type="text/css" href="/script/dropzone/basic.min.css" rel="stylesheet" />
|
<link type="text/css" href="/script/dropzone/basic.min.css" rel="stylesheet" />
|
||||||
|
|
||||||
<script type="text/javascript">
|
<script type="text/javascript">
|
||||||
Dropzone.options.dropzone = {
|
Dropzone.options.dropzone = {
|
||||||
maxFilesize: 10,
|
maxFilesize: 10,
|
||||||
success: function (file, res) {
|
maxFiles: 1,
|
||||||
},
|
success: function (file, res) {
|
||||||
error: function (xhr, status, error) {
|
res = JSON.parse(res);
|
||||||
console.error(xhr);
|
if (res.imageUrl) {
|
||||||
console.error(error);
|
this.emit('thumbnail', file, res.imageUrl);
|
||||||
},
|
}
|
||||||
acceptedFiles: ".csv"
|
},
|
||||||
};
|
error: function (xhr, status, error) {
|
||||||
Dropzone.prototype.submitRequest = function (xhr, formData, files) {
|
if(!xhr.accepted) {
|
||||||
$('#host-list-file').val(files[0].name);
|
alert("That file type is not allowed, CSV only files");
|
||||||
var dt = new Date(files[0].lastModifiedDate);
|
}
|
||||||
xhr.setRequestHeader('X-FILENAME', files[0].name);
|
},
|
||||||
xhr.setRequestHeader('X-FILEMTIME', dt.toISOString());
|
init: function() {
|
||||||
return xhr.send(formData);
|
this.hiddenFileInput.removeAttribute('multiple');
|
||||||
};
|
},
|
||||||
Dropzone.autoDiscover = false;
|
acceptedFiles: ".csv"
|
||||||
|
};
|
||||||
|
Dropzone.prototype.submitRequest = function (xhr, formData, files) {
|
||||||
|
$('#host-list-file').val(files[0].name);
|
||||||
|
var dt = new Date(files[0].lastModifiedDate);
|
||||||
|
xhr.setRequestHeader('X-FILENAME', files[0].name);
|
||||||
|
xhr.setRequestHeader('X-FILEMTIME', dt.toISOString());
|
||||||
|
return xhr.send(formData);
|
||||||
|
};
|
||||||
|
Dropzone.autoDiscover = false;
|
||||||
|
|
||||||
$(function () {
|
$(function () {
|
||||||
var mydz = new Dropzone('#dropzone');
|
var mydz = new Dropzone('#dropzone');
|
||||||
});
|
});
|
||||||
</script>
|
</script>
|
||||||
|
|
||||||
<form class="dropzone" action="/upload.php" id="dropzone">
|
<form class="dropzone" action="/upload.php" id="dropzone">
|
||||||
|
<div class="dz-message" data-dz-message><span>Click or Drop files here to upload</span></div>
|
||||||
<div class="fallback">
|
<div class="fallback">
|
||||||
<input type="file" name="file" multiple />
|
<input type="file" name="file" multiple />
|
||||||
</div>
|
</div>
|
||||||
</form>
|
</form>
|
||||||
|
|
||||||
<form method='post' action='#' style='margin-left: 20px;'
|
<form method='post' action='#' style='margin-left: 20px;'
|
||||||
onsubmit="$('#submit').attr('disabled', true);
|
onsubmit="if(!$('#host-list-file').val()){return false;}$('#submit').attr('disabled', true);return true;" id='host-list-form'>
|
||||||
return true;">
|
<div style='font-weight:400;color:red;'>Must keep 'host-list' as part of the filename</div>
|
||||||
<input type='hidden' name='file' id='host-list-file' style='display:none;' />
|
<input type='hidden' name='file' id='host-list-file' style='display:none;' />
|
||||||
<input type='hidden' name='action' value='import_host_list' />
|
<input type='hidden' name='action' value='import_host_list' />
|
||||||
<input type='hidden' name='ste' value='<?php print ($ste_id ? $ste_id : ''); ?>' />
|
<input type='hidden' name='ste' value='<?php print ($ste_id ? $ste_id : ''); ?>' />
|
||||||
|
@ -175,7 +175,6 @@ if ($ste_id) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
include_once "header.inc";
|
include_once "header.inc";
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
||||||
<script type='text/javascript' src='/ste/ste_script.min.js'></script>
|
<script type='text/javascript' src='/ste/ste_script.min.js'></script>
|
||||||
|
@ -384,7 +384,7 @@ function display_ops_hosts(hosts) {
|
|||||||
var odd = true;
|
var odd = true;
|
||||||
|
|
||||||
for (var x in hosts.targets) {
|
for (var x in hosts.targets) {
|
||||||
$(cat).after(
|
$(cat).append(
|
||||||
"<div class='" + (odd ? "odd_row" : "even_row") + " cat_" + cat_id + "'>" +
|
"<div class='" + (odd ? "odd_row" : "even_row") + " cat_" + cat_id + "'>" +
|
||||||
"<span class='cat-cell' style='width:102px;text-align:left'>" +
|
"<span class='cat-cell' style='width:102px;text-align:left'>" +
|
||||||
"<input type='checkbox' class='tgt-sel' value='" + hosts.targets[x].id + "' onclick='javascript:update_tgt_chk(this);' />" +
|
"<input type='checkbox' class='tgt-sel' value='" + hosts.targets[x].id + "' onclick='javascript:update_tgt_chk(this);' />" +
|
||||||
@ -449,9 +449,9 @@ function display_stats_hosts(hosts) {
|
|||||||
"<span class='cat-cell na' title='Not Applicable' style='text-align:center;'>" + hosts.targets[x].na + "</span>" +
|
"<span class='cat-cell na' title='Not Applicable' style='text-align:center;'>" + hosts.targets[x].na + "</span>" +
|
||||||
"<span class='cat-cell nr' title='Not Reviewed' style='text-align:center;'>" + hosts.targets[x].nr + "</span>" +
|
"<span class='cat-cell nr' title='Not Reviewed' style='text-align:center;'>" + hosts.targets[x].nr + "</span>" +
|
||||||
"<span class='cat-cell comp' title='Percentage Compliant' style='text-align:center;background-color: " +
|
"<span class='cat-cell comp' title='Percentage Compliant' style='text-align:center;background-color: " +
|
||||||
getColorForPercentage(hosts.targets[x].comp) + ";'>" + (hosts.targets[x].comp.toFixed(2) * 100) + "%</span>" +
|
getColorForPercentage(hosts.targets[x].comp) + ";'>" + (hosts.targets[x].comp * 100).toFixed(2) + "%</span>" +
|
||||||
"<span class='cat-cell assessed' title='Percentage Assessed' style='text-align:center;background-color: " +
|
"<span class='cat-cell assessed' title='Percentage Assessed' style='text-align:center;background-color: " +
|
||||||
getColorForPercentage(hosts.targets[x].assessed) + ";'>" + (hosts.targets[x].assessed.toFixed(2) * 100) + "%</span>" +
|
getColorForPercentage(hosts.targets[x].assessed) + ";'>" + (hosts.targets[x].assessed * 100).toFixed(2) + "%</span>" +
|
||||||
"<span class='cat-cell scans'>" +
|
"<span class='cat-cell scans'>" +
|
||||||
(hosts.targets[x].scans ? hosts.targets[x].scans : " ") +
|
(hosts.targets[x].scans ? hosts.targets[x].scans : " ") +
|
||||||
"</span>" +
|
"</span>" +
|
||||||
|
2
ste/ste_script.min.js
vendored
2
ste/ste_script.min.js
vendored
File diff suppressed because one or more lines are too long
@ -5,20 +5,21 @@
|
|||||||
REM Purpose: Windows / XAMPP Uninstallation Script
|
REM Purpose: Windows / XAMPP Uninstallation Script
|
||||||
REM Created: Oct 3, 2018
|
REM Created: Oct 3, 2018
|
||||||
|
|
||||||
REM Copyright 2018: Cyber Perspective, All rights reserved
|
REM Copyright 2018-2019: Cyber Perspective, All rights reserved
|
||||||
REM Released under the Apache v2.0 License
|
REM Released under the Apache v2.0 License
|
||||||
|
|
||||||
REM See license.txt for details
|
REM See license.txt for details
|
||||||
|
|
||||||
REM Change Log:
|
REM Change Log:
|
||||||
REM - Oct 3, 2018 - File created
|
REM - Oct 3, 2018 - File created
|
||||||
|
REM - Jan 10, 2019 - Killed stray php processes, wait for uninstall to finish in background, move www folder (and this script) deletion to the end to avoid errors.
|
||||||
|
|
||||||
echo.
|
@echo.
|
||||||
echo This will completely uninstall Sagacity and XAMPP and delete
|
@echo This will completely uninstall Sagacity and XAMPP and delete
|
||||||
echo the findings database and all result files in www/tmp.
|
@echo the findings database and all result files in www/tmp.
|
||||||
echo.
|
@echo.
|
||||||
echo This cannot be undone.
|
@echo This cannot be undone.
|
||||||
echo.
|
@echo.
|
||||||
set /p uninstall="Are you sure? (y/N) "
|
set /p uninstall="Are you sure? (y/N) "
|
||||||
|
|
||||||
set result=0
|
set result=0
|
||||||
@ -30,25 +31,34 @@ if "%uninstall%"=="YES" (set result=1)
|
|||||||
|
|
||||||
if "%result%"=="1" (
|
if "%result%"=="1" (
|
||||||
cd C:\
|
cd C:\
|
||||||
echo - Stopping Apache and MySQL services.
|
@echo - Terminating PHP processes
|
||||||
|
taskkill /F /IM php.exe
|
||||||
|
@echo - Stopping Apache and MySQL services.
|
||||||
sc stop Apache2.4
|
sc stop Apache2.4
|
||||||
sc stop mysql
|
sc stop mysql
|
||||||
echo - Deleting the MySQL service.
|
@echo - Deleting the MySQL service.
|
||||||
sc delete mysql
|
sc delete mysql
|
||||||
echo - Deleting the Sagacity www folder.
|
@echo - Uninstalling XAMPP
|
||||||
del /F /S /Q C:\xampp\www 1>nul
|
|
||||||
rmdir /S /Q C:\xampp\www
|
|
||||||
echo - Uninstalling XAMPP
|
|
||||||
C:\xampp\uninstall.exe --mode unattended
|
C:\xampp\uninstall.exe --mode unattended
|
||||||
|
REM Deleting the www folder (and this script) has to wait until the very end
|
||||||
|
|
||||||
|
@echo.
|
||||||
|
@echo Waiting for background process uninstall.exe to finish
|
||||||
|
:LOOP
|
||||||
|
tasklist | find /i "uninstall" >nul 2>&1
|
||||||
|
IF ERRORLEVEL 1 (
|
||||||
|
timeout /T 1 >nul
|
||||||
|
GOTO LOOP
|
||||||
|
)
|
||||||
)
|
)
|
||||||
|
|
||||||
echo.
|
@echo.
|
||||||
echo Thank you for trying Sagacity. If you have any questions or comments, please echo contact us at https://www.cyberperspectives.com/contact_us
|
|
||||||
echo.
|
|
||||||
|
|
||||||
if "%result%"=="1" (
|
if "%result%"=="1" (
|
||||||
|
@echo Thank you for trying Sagacity. If you have any questions or comments, please contact us at https://www.cyberperspectives.com/contact_us
|
||||||
|
@echo.
|
||||||
set /p foo="Uninstall complete. Press enter to continue."
|
set /p foo="Uninstall complete. Press enter to continue."
|
||||||
|
rmdir /S /Q C:\xampp\www >nul 2>&1
|
||||||
|
exit /b
|
||||||
) else (
|
) else (
|
||||||
set /p foo="Whew, that was a close one! Uninstall aborted. Press enter to continue."
|
set /p foo="Whew, that was a close one! Uninstall aborted. Press enter to continue."
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -58,6 +58,9 @@ if ($fn) {
|
|||||||
case TECH_ECHECKLIST_EXCEL:
|
case TECH_ECHECKLIST_EXCEL:
|
||||||
print header(JSON) . json_encode(['imageUrl' => '/img/scan_types/echecklist.png']);
|
print header(JSON) . json_encode(['imageUrl' => '/img/scan_types/echecklist.png']);
|
||||||
break;
|
break;
|
||||||
|
case HOST_LIST:
|
||||||
|
print header(JSON) . json_encode(['imageUrl' => '/img/file.png']);
|
||||||
|
break;
|
||||||
default:
|
default:
|
||||||
print header(JSON) . json_encode(['imageUrl' => null]);
|
print header(JSON) . json_encode(['imageUrl' => null]);
|
||||||
unlink(TMP . "/" . basename($fn));
|
unlink(TMP . "/" . basename($fn));
|
||||||
|
Loading…
Reference in New Issue
Block a user