Fix for Uninstall leaves www/exec #53 and other improvements
- Split regular installation and install-dev into separate scripts
- Streamlined the installation script (only requires <enter> at the end to move to setup)
- Redirected some unnecessary output to nul
- Made formatting changes to prettify the output
This should remedy the reported behavior of statuses quietly being changed to "Not Reviewed".
scan.inc - Added new set_Host_Error method to set the error value for a specific host
parse_excel_echecklist.php - explicitly check for the status to equal 1-of-7 expected values, if not, add note to finding, set scan error message, and default status to "Not Reviewed"
export.php - Added cell lock for A11:E{last row} with the default password of "sagacity" (all lowercase)
Fixes#80
Added a "group by STIG_ID" statement to fix a bug. This is a short-term fix as it will result in random VMS IDs populating where there is a duplicate. A real fix will require capturing the checklist ID and saving it as part of the VMS ID.
#78 fixed
Skip parsing orphan worksheet
Issue error if there are more than 100 targets in any worksheet
Save findings when you get above 1000
database.inc:
Comment out block of code to retrieve orphan findings to export to the eChecklist
setup.php:
Convert possible algorithms to lower case. (should fix bug that person on FB was seeing).
system.inc - fixed typo
parse_excel_echecklist.php - added functionality to assign OS and checklists based on worksheet contents
database.inc - Added a couple methods to support changes for #25
export.php - Minor change to OS listing and added add_cell_comment method to migrate scanner notes to a comment instead of the main note (separating the scanner and anaylst comments)
finding.inc - removed ID property to prevent duplicate findings from being added to the table
host_list.inc - deleted unused constructor
import.inc - formatting
db_schema.json - removed sagacity.findings.id field (making tgt_id and pdi_id new primary keys), and updated references
Database_Baseline.zip - updated routines for above change
background_results.php - fixed bug #19
export-ckl.php - performance adjustments
parse_excel_echecklist.php - performance improvements, ensure duplicate findings are not created, make eChecklist true status, update for removing findings.id field
parse_nvd_json_cve.php - convert reading json to array instead of object for reading CPEs (which were updated to CPE 2.3 instead of 2.2)
parse_* - remove findings.id field
database.inc - formatting, and update for removing findings.id field
index.php - ensure user can't import a host list without uploading a host list file
Fixed:
#65, #51, #28, #27, #10
Revert update_db.php to download compilation STIG library instead of individual as links are inconsistent (#60, #64, #61
Add scape_webpage method to helper.inc for future efforts
Fixed typo in uninstall.bat
installer.php - Fix bug when
update_db.php - Converted STIG download to identify the zip files from the a-z master list and download them individually instead of downloading the compilation zip file. Also integrated the sunset list into the same process so ALL STIGs are downloaded and imported at the same time