Tweet
OffTopic:
Du sprichst ein grundlegend anderes Deutsch als ich, kann das sein?
-
Ich denke, also bin ich. - Einige sind trotzdem... -
hört sich wirklich nicht deutsch an was ich gerade geschrieben hab.
ich post mal kurz den ganzen code. dann wirds besser.Comment
-
Original geschrieben von mrhappiness
OffTopic:
Du sprichst ein grundlegend anderes Deutsch als ich, kann das sein?OffTopic:
"er" liest auch nicht
Comment
-
Original geschrieben von Wurzel
OffTopic:
"er" liest auch nichtOffTopic:
Meintest du prinzipiell oder nur in diesem Thread?Ich denke, also bin ich. - Einige sind trotzdem...Comment
-
index.php datei
Die index.tpl dateiPHP Code:error_reporting(9);
require_once('./_lib/Smarty.class.php');
require_once('_classes/Authentication.class.php');
require_once('./_lib/config.php');
//require_once('_config/index.php');
require_once('adodb/adodb.inc.php');
$template = new smarty;
$template->template_dir = './templates/';
$template->compile_dir = './templates/compiled/';
//start session
session_start();
//create an authentification-object
$myAuth = new Authentification($template);
if(!$myAuth->checkAuthentification())
{
echo "fehler bei session";
//$myAuth->getLogin();
exit;
}//end if
else
{
$_SESSION['userid']=$myAuth->getUserId();
$_SESSION['is_admin']=$myAuth->is_admin();
//unsused now
$username = $myAuth->getUserName();
}//end else
//set admin-navigation as comment (default)
$adminNavigationStart = "<!--";
$adminNavigationStop = "-->";
//if user is admin, show admin navigation
if($_SESSION['is_admin']==1)
{
$adminNavigationStart = "";
$adminNavigationStop = "";
}//end if
//hide administration-navigation from users
$template->assign(array(
'START_ADMIN_NAVIGATION' => $adminNavigationStart,
'END_ADMIN_NAVIGATION' => $adminNavigationStop,
));
//get selected section-name
$section = "";
if(isset($_REQUEST['section']))
{
$section = $_REQUEST['section'];
}
//class-directory
$modulespath = "_classes/";
//switch to selected section
switch ($section)
{
case "reports":
$modulespath .= "Reports.class.php";
if (file_exists($modulespath))
require_once($modulespath);
else
die ("Fehler beim Aufruf von Reports.class.php!");
$objReportsManager = &new Reporting($template);
$template = $objReportsManager->getReportingPage();
break;
//end case access
default:
ShowMain($template,$username);
break;
}//end switch
function ShowMain($template,$username)
{
global $dbconn;
//load main-template-file (delete unused vars and blocks)
$templateload = "main.tpl";
$template->assign('templateload', $templateload);
$query="SELECT COUNT(nessus_settings.id)
FROM nessus_settings inner join nessus_settings_users on nessus_settings.id=nessus_settings_users.sid
WHERE nessus_settings_users.username='$username'";
$result=$dbconn->execute($query);
list($profilecount)=$result->fields;
$template->assign('username', $username);
$query="SELECT COUNT(id)
FROM plugins";
$result=$dbconn->execute($query);
list($plugincount)=$result->fields;
$plugincountout = $plugincount.= "Nessus plugins in the database.";
$template->assign('{plugin_count}', $plugincountout);
$query = "SELECT COUNT(id)
FROM nessus_plugins
WHERE TO_DAYS(now()) - TO_DAYS(created) <7";
$result = $dbconn->execute($query);
list($plugincount)=$result->fields;
if ($plugincount>0)
{
$plugincountout2 = $plugincount.= "new plugins added within last 7 days.<br>";
$template->assign('{plugin_count2}', $plugincountout2);
}
$plugincount = '2';
$plugincountout2 = $plugincount.= "new plugins added within last 7 days.<br>";
$template->assign('{plugin_count2}', $plugincountout2);
$query="SELECT COUNT(id)
FROM nessus_schedule
WHERE status='R'
AND username='$username'";
$result=$dbconn->execute($query);
list($scancount)=$result->fields;
if ($scancount==1) {
echo "$scancount Nessus scan is currently running.<br>";
}
else {
echo "$scancount Nessus scans are currently running.<br>";
}
$result=$dbconn->Execute("SELECT count(risk) as count, risk
FROM `nessus_results` where username='$username'
AND falsepositive<>'Y'
AND scriptid <> 10180
AND msg<>''
GROUP by risk");
$totalrisk=0;
$prevrisk=0;
$chartimg="graph1.php?graph=1";
while (list($riskcount, $risk)=$result->fields) {
for ($i=0;$i<$risk-$prevrisk-1;$i++) {
$missedrisk=$prevrisk+$i+1;
$chartimg.="&risk$missedrisk=0";
}
$prevrisk=$risk;
$chartimg.="&risk$risk=$riskcount";
$totalrisk=$totalrisk+$riskcount;
$result->MoveNext();
}
if($totalrisk>0) {
$graphstat = "<img src=\"$chartimg\">";
$template->assign('{graph}', $graphstat);
}
$query="select count(distinct host)
from nessus_results
where username='$username'";
$result=$dbconn->execute($query);
list ($syscount) = $result->fields;
echo "<br> Scanned $syscount systems";
$query="select count(distinct scantime, sched_id) from nessus_results where username='$username'";
$result=$dbconn->execute($query);
list ($syscount) = $result->fields;
echo ", $syscount times.";
echo "</font></td></tr></table>";
//include ('footer.php');
}
//send output to browser
$template->display('index.tpl');
Die Reports.Class.phpPHP Code:<html>
<head>
<title>MSA</title>
</head>
<body bgcolor="#FFFFFF" text="#000000">
<table class="table_menu" cellspacing="0" cellpadding="0">
<tr>
<td width="166" align="center" class="title">Benutzerfunktionen</td>
</tr>
<tr>
<td class="row1">
<ul class="navigation">
<li><a href="">»</a><a href="?section=home"> Home</a></li>
<li><a href="?section=settings">» Settings</a></li>
<li><a href="?section=securityscan">» Security Scan</a></li>
<li><a href="?section=reports">» Reports</a></li>
<li><a href="?section=updates">» Updates</a></li>
<li><a href="?section=help">» Help</a></li>
<li><a href="?section=logout">» Logout</a></li>
</ul>
</td>
</tr>
</table>
<td width="79%" valign="top">
<table width="100%" border="0" bordercolor="#000000">
<tr>
<td class="top_menu">{$content_navigation}</td>
</tr>
<tr>
<td><font class="status">{$content_status_message}</font></td>
</tr>
</table>
<table width="249" height="25" border="0">
<tr>
<td height="21">{include file="$templateload"}</td>
</tr>
</table></td>
</tr>
</table>
</body>
</html>
PHP Code:class Reporting
{
var $objTemplate;
var $action;
var $userId;
var $statusMessage = "";
var $isAdmin = false;
function Reporting($template)
{
$this->objTemplate = $template;
$this->userId = $_SESSION['userid'];
$this->isAdmin = $_SESSION['is_admin'];
}
function getReportingPage()
{
if(isset($_REQUEST['action']))
{
echo "vorhanden";
}
else{
echo "nicht vorhanden";
}
$action = $_REQUEST['action'];
switch ($action)
{
case "nesresult":
$this->ShowNessusResult();
break;
case "nmpresult":
$this->ShowNmapResult();
break;
case "search":
$this->SearchResult();
break;
case "latplugins":
$this->LatestPlugins();
break;
case "top10v":
$this->Top10Vulnerabilities();
exit;
break;
case "trend":
$this->TrendAnalys();
break;
case "stats":
$this->ScanTrendDate();
break;
case "statss":
$this->ScanTrendScan();
break;
default:
$this->showReports();
break;
}//end switch
$navigation= "[<a href='?section=monitoring'>Ueberwachungen</a>]
[<a href='?section=monitoring&action=add'>Neue Überwachung hinzufügen</a>]
[<a href='?section=services'>Portverwaltung</a>]";
$this->objTemplate->setVariable('CONTENT_STATUS_MESSAGE',$this->statusMessage);
$this->objTemplate->setVariable('CONTENT_NAVIGATION',$navigation);
return $this->objTemplate;
}
function showReports()
{
global $dbconn;
// include ('header.php');
$query_log="INSERT INTO log (ip, username, action)
VALUES('$_SERVER[REMOTE_ADDR]','".mysql_escape_string($_SESSION[user])."','Open reports')";
$result_log=$dbconn->execute($query_log);
$templateload = 'reports_overview.tpl';
$template->assign('templateload',$templateload);
// include ('footer.php');
}
}
Comment
-
..hoffe so geht's besser.Comment
-
Und die Ausgabe davon?Ich denke, also bin ich. - Einige sind trotzdem...Comment
-
von der reports.class?
wer dann(reports_overwiev.tpl):
PHP Code:<b>Reports</b><br><br>
<a href=\'?action=nesresult'>Nessus Scan Results</a><BR>
<a href=\'?action=nmpresult'>Nmap Scan Results</a><br>
<a href=\'?action=search'>Search</a><BR>
<a href=\'?action=latplugins'>Latest Plugins</a><br>
<a href=\'?action=top10v'>Top 10 Vulnerabilities</a><br>
<br>
<a href=\'?action=trend'>Vulnerability Trend Analysis</a><br>
<a href=\'?action=stats'>Scan Trend - by date</a><br>
<a href=\'?action=statss'>Scan Trend - by scan</a><br>
Comment
-
du hast in deinem code viele echos...Ich denke, also bin ich. - Einige sind trotzdem...Comment
-
nur in der index.php datei. sonst sollten keine mehr vorhanden sein.
aber die echos sollten ja nicht die Ursache meines Problemes sein.Comment
-
ich denke er will wissen was die Ausgabe der echos ist??aber die echos sollten ja nicht die Ursache meines Problemes sein.Last edited by BAAL; 07-04-2005, 14:13.wenn wir unsere Agenturräume in nem Baumhaus hätten könnten wir wenigstens behaupten wir wären auf einen grünen Zweig gekommen
Comment
-
ou. ach so. ok. sorry.
die Echos geben nur Daten aus der Datenbank aus. Anzahl Scans usw.
Aber das hängt sicherlich nicht mit meinem Problem zusammen.Comment
-
mhh ... mal wieder was zu deiner php Version!!
du sagtest das du php 5 hast .. hast du das auch mal mit ner 4er getestet?? ... kann ja sein das das noch ein Bug in php5 ist!!
sonst hast du schon versucht die
an diePHP Code:$_REQUEST('section')
manuell zu übergeben??PHP Code:$_REQUEST('action')
vielleicht würde das das problem ja lösen??
wenn wir unsere Agenturräume in nem Baumhaus hätten könnten wir wenigstens behaupten wir wären auf einen grünen Zweig gekommen Comment
-
btw:
die mysql string escaperei kannste dir sparen wenn du die prepared statements von adodb nimmst ...Comment
Comment