sagacity/exec/populate_cve_web.php
2018-05-07 10:51:08 -04:00

55 lines
1.2 KiB
PHP

<?php
/**
* File: populate_cve_web.php
* Author: Ryan Prather
* Purpose: Find all CVE files, read entire file and add to database for later retrieval
* Created: Sep 1, 2016
*
* Portions Copyright 2016: Cyber Perspectives, All rights reserved
* Released under the Apache v2.0 License
*
* See license.txt for details
*
* Change Log:
* - Sep 1, 2016 - File created
*/
include_once 'config.inc';
include_once 'database.inc';
include_once 'helper.inc';
$db = new mysqli(DB_SERVER, "web", db::decrypt_pwd());
set_time_limit(0);
$files = glob("../reference/cve/*.xml");
$count = 0;
$start_sql = $sql = "INSERT IGNORE INTO `reference`.`cve_web` (`cve_id`,`xml`) VALUES ";
foreach ($files as $file) {
print ".";
$xml = new DOMDocument();
$xml->load($file);
$cve_id = getValue($xml, "/item/@name");
if (empty($cve_id)) {
die;
}
$sql .= "(" .
"'" . $db->real_escape_string($cve_id) . "'," .
"'" . $db->real_escape_string($xml->saveXML()) . "'),";
$count++;
if ($count % 100 == 0 || strlen($sql) > 5000000) {
if (!$db->real_query(substr($sql, -1))) {
error_log($db->error);
Sagacity_Error::sql_handler($sql);
die;
}
print "\t$count\t" . strlen($sql) . PHP_EOL;
$sql = $start_sql;
}
}