Added a "group by STIG_ID" statement to fix a bug. This is a short-term fix as it will result in random VMS IDs populating where there is a duplicate. A real fix will require capturing the checklist ID and saving it as part of the VMS ID.
#78 fixed
Skip parsing orphan worksheet
Issue error if there are more than 100 targets in any worksheet
Save findings when you get above 1000
database.inc:
Comment out block of code to retrieve orphan findings to export to the eChecklist
setup.php:
Convert possible algorithms to lower case. (should fix bug that person on FB was seeing).
system.inc - fixed typo
parse_excel_echecklist.php - added functionality to assign OS and checklists based on worksheet contents
database.inc - Added a couple methods to support changes for #25
export.php - Minor change to OS listing and added add_cell_comment method to migrate scanner notes to a comment instead of the main note (separating the scanner and anaylst comments)
finding.inc - removed ID property to prevent duplicate findings from being added to the table
host_list.inc - deleted unused constructor
import.inc - formatting
db_schema.json - removed sagacity.findings.id field (making tgt_id and pdi_id new primary keys), and updated references
Database_Baseline.zip - updated routines for above change
background_results.php - fixed bug #19
export-ckl.php - performance adjustments
parse_excel_echecklist.php - performance improvements, ensure duplicate findings are not created, make eChecklist true status, update for removing findings.id field
parse_nvd_json_cve.php - convert reading json to array instead of object for reading CPEs (which were updated to CPE 2.3 instead of 2.2)
parse_* - remove findings.id field
database.inc - formatting, and update for removing findings.id field
index.php - ensure user can't import a host list without uploading a host list file
Fixed:
#65, #51, #28, #27, #10
Revert update_db.php to download compilation STIG library instead of individual as links are inconsistent (#60, #64, #61
Add scape_webpage method to helper.inc for future efforts
Fixed typo in uninstall.bat
installer.php - Fix bug when
update_db.php - Converted STIG download to identify the zip files from the a-z master list and download them individually instead of downloading the compilation zip file. Also integrated the sunset list into the same process so ALL STIGs are downloaded and imported at the same time
Adding an uninstall.bat that, when run as administrator, will stop the apache2.4 and mysql services, delete the mysql service (which XAMPP uninstall leaves behind...), deletes the www folder and uninstalls XAMPP.
Modified the install.bat script to suppress output when deleting the unnecessary XAMPP htdocs folder and added a friendly "contact us" message to encourage some feedback from our users.