From 208ffaeddbe636f7aec569902328c1d5182f4441 Mon Sep 17 00:00:00 2001
From: slerena <slerena@gmail.com>
Date: Wed, 19 Aug 2009 19:38:29 +0000
Subject: [PATCH] 2009-08-19  Sancho Lerena  <slerena@artica.es>

	* pandoradb.sql: A missing table was necessary to be added to allow recon
	to make scans depending on TCP ports profile (recon_ports field).

	* manage_recontask.php, manage_recontask_form.php: Added recon_port field
	to recon management system. Added some links and some aditional formatting.

	* include/funcions_db.php: Improved format_array_to_where_clause_sql()
	to accept condicionals like > and < in the array field.

	* operation/servers/view_server_detail.php: Quick link to recontask server
	admin.




git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1867 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
---
 pandora_console/ChangeLog                     | 18 ++++++++++
 .../godmode/servers/manage_recontask.php      | 21 ++++++-----
 .../godmode/servers/manage_recontask_form.php | 35 +++++++++++--------
 pandora_console/include/functions_db.php      | 16 ++++++---
 pandora_console/include/styles/pandora.css    |  3 +-
 .../operation/servers/view_server_detail.php  |  6 +++-
 pandora_console/pandoradb.sql                 |  3 ++
 7 files changed, 73 insertions(+), 29 deletions(-)

diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog
index f17c252b32..5178cdb91f 100644
--- a/pandora_console/ChangeLog
+++ b/pandora_console/ChangeLog
@@ -1,3 +1,17 @@
+2009-08-19  Sancho Lerena  <slerena@artica.es>
+
+	* pandoradb.sql: A missing table was necessary to be added to allow recon
+	to make scans depending on TCP ports profile (recon_ports field).
+
+	* manage_recontask.php, manage_recontask_form.php: Added recon_port field
+	to recon management system. Added some links and some aditional formatting.
+	
+	* include/funcions_db.php: Improved format_array_to_where_clause_sql()
+	to accept condicionals like > and < in the array field.
+	
+	* operation/servers/view_server_detail.php: Quick link to recontask server
+	admin.
+
 2009-08-18  Miguel de Dios  <miguel.dedios@artica.es>
 	
 	* install.php: change the style of "div#wizard", "div#install_img" and add
@@ -18,21 +32,25 @@
 
 
 2009-08-18  Miguel de Dios  <miguel.dedios@artica.es>
+
 	* include/functions_config.php: add to save the attachment_store config
 	value.
 
 2009-08-18  Miguel de Dios  <miguel.dedios@artica.es>
+
 	* godmode/reporting/reporting_builder.php: add filter parameter in ajax that
 	pick the modules for select in form. The parameter is filter that don't
 	search rows are pending to delete.
 	Fixes: 2824695
 
 2009-08-18  Miguel de Dios  <miguel.dedios@artica.es>
+
 	* godmode/agentes/agent_template.php: refine the query to extract modules
 	from DB, now the query don't search modules are pending to delete.
 	Fixes: 2826447
 
 2009-08-18  Miguel de Dios  <miguel.dedios@artica.es>
+
 	* ChangeLog: add comments of last commits, I forget update file.
 
 	* godmode/reporting/map_builder.php: add check in javascript for form for to
diff --git a/pandora_console/godmode/servers/manage_recontask.php b/pandora_console/godmode/servers/manage_recontask.php
index eaf1be3950..b3fea20458 100644
--- a/pandora_console/godmode/servers/manage_recontask.php
+++ b/pandora_console/godmode/servers/manage_recontask.php
@@ -52,6 +52,7 @@ if ((isset ($_GET["update"])) OR ((isset ($_GET["create"])))) {
 	$id_group = get_parameter_post ("id_group");
 	$create_incident = get_parameter_post ("create_incident");
 	$id_network_profile = get_parameter_post ("id_network_profile");
+	$recon_ports = get_parameter_post ("recon_ports", "");
 	$id_os = get_parameter_post ("id_os", 10);
 }
 
@@ -62,7 +63,7 @@ if (isset($_GET["update"])) {
 	$id = get_parameter_get ("update");
 	$sql = sprintf ("UPDATE trecon_task SET id_os = %d, name = '%s', subnet = '%s',
 				description = '%s', id_recon_server = %d, create_incident = %b, id_group = %d, interval_sweep = %u, 
-				id_network_profile = %d WHERE id_rt = %u",$id_os,$name,$network,$description,$id_recon_server,$create_incident,$id_group,$interval,$id_network_profile,$id);
+				id_network_profile = %d, recon_ports = '%s' WHERE id_rt = %u",$id_os,$name,$network,$description,$id_recon_server,$create_incident,$id_group,$interval,$id_network_profile,$recon_ports, $id);
 	
 	if (process_sql ($sql) !== false) {
 		echo '<h3 class="suc">'.__('Successfully updated recon task').'</h3>';
@@ -76,8 +77,8 @@ if (isset($_GET["update"])) {
 // --------------------------------
 if (isset($_GET["create"])) {
 	$sql = sprintf ("INSERT INTO trecon_task 
-			(name, subnet, description, id_recon_server, create_incident, id_group, id_network_profile, interval_sweep, id_os) 
-			VALUES ( '%s', '%s', '%s', %u, %b, %d, %d, %u, %d)",$name,$network,$description,$id_recon_server,$create_incident,$id_group,$id_network_profile,$interval,$id_os);
+			(name, subnet, description, id_recon_server, create_incident, id_group, id_network_profile, interval_sweep, id_os, recon_ports) 
+			VALUES ( '%s', '%s', '%s', %u, %b, %d, %d, %u, %d, '%s')",$name,$network,$description,$id_recon_server,$create_incident,$id_group,$id_network_profile,$interval,$id_os, $recon_ports);
 	
 	if (process_sql ($sql) !== false) {
 		echo '<h3 class="suc">'.__('Successfully created recon task').'</h3>';
@@ -89,12 +90,14 @@ if (isset($_GET["create"])) {
 // --------------------------------
 // SHOW TABLE WITH ALL RECON TASKs
 // --------------------------------
-echo "<h2>".__('Pandora servers')." &raquo; ".__('Manage recontask')."</h2>";
+echo "<h2>";
+echo __('Pandora servers')." &raquo; ".__('Manage recontask');
+echo "</h2>";
 
 $result = get_db_all_rows_in_table ("trecon_task");
 $color=1;
 if ($result !== false) {
-	$table->head = array  (__('Name'), __('Network'), __('Module template'), __('Group'), __('Incident'), __('OS'), __('Interval'), __('Action'));
+	$table->head = array  (__('Name'), __('Network'), __('Module template'), __('Group'), __('Incident'), __('OS'), __('Interval'), __('Ports'), __('Action'));
 	$table->align = array ("","","","center","","","center","center");
 	$table->width = 700;
 	$table->cellpadding = 4;
@@ -116,10 +119,12 @@ if ($result !== false) {
 			(($row["id_os"] > 0) ? print_os_icon ($row["id_os"], false, true) : __('Any')),
 		// INTERVAL
 			human_time_description_raw($row["interval_sweep"]),
+		// PORTS
+			substr($row["recon_ports"],0,15),
 		// ACTION
-			'<a href="index.php?sec=gservers&sec2=godmode/servers/manage_recontask&delete='.$row["id_rt"].'">
-			<img src="images/cross.png" border="0" /></a>&nbsp;&nbsp;<a href="index.php?sec=gservers&sec2=godmode/servers/manage_recontask_form&update='.$row["id_rt"].'">
-			<img src="images/config.png" /></a>'
+			"<a href='index.php?sec=estado_server&sec2=operation/servers/view_server_detail&server_id=".$row["id_recon_server"]."'><img src='images/eye.png'></a>&nbsp;".
+			'<a href="index.php?sec=gservers&sec2=godmode/servers/manage_recontask&delete='.$row["id_rt"].'"><img src="images/cross.png" border="0" /></a>&nbsp;<a href="index.php?sec=gservers&sec2=godmode/servers/manage_recontask_form&update='.$row["id_rt"].'">
+			<img src="images/config.png"/></a>'
 		);
 	}
 	print_table ($table);
diff --git a/pandora_console/godmode/servers/manage_recontask_form.php b/pandora_console/godmode/servers/manage_recontask_form.php
index 2c95a77de2..5522a0a80c 100644
--- a/pandora_console/godmode/servers/manage_recontask_form.php
+++ b/pandora_console/godmode/servers/manage_recontask_form.php
@@ -38,6 +38,7 @@ if (isset ($_GET["update"])) { // Edit mode
 	$create_incident = $row["create_incident"];
 	$id_network_profile = $row["id_network_profile"];
 	$id_os = $row["id_os"];
+	$recon_ports = $row["recon_ports"];
 } elseif (isset ($_GET["create"])) {
 	$id_rt = -1;
 	$name = "";
@@ -49,28 +50,29 @@ if (isset ($_GET["update"])) { // Edit mode
 	$create_incident = 1;
 	$id_network_profile = 1;
 	$id_os = -1; // Any
+	$recon_ports = ""; // Any
 }
 
 echo '<h2>'.__('Pandora servers').' &raquo; '.__('Manage recontask');
 print_help_icon ("recontask");
 echo '</h2>';
 
-$table->width=700;
+$table->width=600;
 $table->cellspacing=4;
 $table->cellpadding=4;
 $table->class="databox_color";
 
 // Name
-$table->data[0][0] = __('Task name');
+$table->data[0][0] = "<b>".__('Task name')."</b>";
 $table->data[0][1] = print_input_text ('name', $name, '', 25, 0, true);
 
 // Recon server
-$table->data[1][0] = __('Recon server').'<a href="#" class="tip">&nbsp;<span>'.__('You must select a Recon Server for the Task, otherwise the Recon Task will never run').'</span></a>';
+$table->data[1][0] = "<b>".__('Recon server').'<a href="#" class="tip">&nbsp;<span>'.__('You must select a Recon Server for the Task, otherwise the Recon Task will never run').'</span></a>';
 $table->data[1][1] = print_select_from_sql ('SELECT id_server, name FROM tserver WHERE server_type = 3 ORDER BY name',
 	"id_recon_server", $id_recon_server, '', '', '', true);
 
 // Network 
-$table->data[2][0] = __('Network');
+$table->data[2][0] = "<b>".__('Network');
 $table->data[2][1] = print_input_text ('network', $network, '', 25, 0, true);
 
 // Interval
@@ -85,40 +87,45 @@ $values[604800] = __('%d week', 1);
 $values[1209600] = __('%d weeks', 2);
 $values[2592000] = __('%d month', 1);
 
-$table->data[3][0] = __('Interval');
+$table->data[3][0] = "<b>".__('Interval');
 $table->data[3][1] = print_select ($values, "interval", $interval, '', '', '', true);
 
 // Module template
-$table->data[4][0] = __('Module template');
+$table->data[4][0] = "<b>".__('Module template');
 $table->data[4][1] = print_select_from_sql ('SELECT id_np, name FROM tnetwork_profile',
 	"id_network_profile", $id_network_profile, '', '', '', true);
 
 // OS
-$table->data[5][0] = __('OS');
+$table->data[5][0] = "<b>".__('OS');
 $table->data[5][1] = print_select_from_sql ('SELECT id_os, name FROM tconfig_os ORDER BY name',
 	"id_os", $id_os, '', __('Any'), -1, true);
 
+// Recon ports
+$table->data[6][0] = "<b>".__('Ports');
+$table->data[6][1] =  print_input_text ('recon_ports', $recon_ports, '', 25, 0, true);
+$table->data[6][1] .= '<a href="#" class="tip">&nbsp;<span>'.__('Ports defined like: 80 or 80,443,512 or even 0-1024 (Like Nmap command line format). If dont want to do a sweep using portscan, left it in blank').'</span></a>';
+
 // Group
-$table->data[6][0] = __('Group');
-$table->data[6][1] = print_select_from_sql ('SELECT id_grupo, nombre FROM tgrupo WHERE id_grupo > 1 ORDER BY nombre', "id_group", $id_group, '', '', 0, true);
+$table->data[7][0] = "<b>".__('Group');
+$table->data[7][1] = print_select_from_sql ('SELECT id_grupo, nombre FROM tgrupo WHERE id_grupo > 1 ORDER BY nombre', "id_group", $id_group, '', '', 0, true);
 
 
 // Incident
 $values = array (0 => __('No'), 1 => __('Yes'));
-$table->data[7][0] = __('Incident');
-$table->data[7][1] = print_select ($values, "create_incident", $create_incident,
+$table->data[8][0] = "<b>".__('Incident');
+$table->data[8][1] = print_select ($values, "create_incident", $create_incident,
 	'','','',true);
 
 // Comments
-$table->data[8][0] = __('Comments');
-$table->data[8][1] = print_textarea ("description", 2, 70, $description, '', true);
+$table->data[9][0] = "<b>".__('Comments');
+$table->data[9][1] =  print_input_text ('description', $description, '', 45, 0, true);
 
 
 // Different Form url if it's a create or if it's a update form
 echo '<form name="modulo" method="post" action="index.php?sec=gservers&sec2=godmode/servers/manage_recontask&'.(($id_rt != -1) ? 'update='.$id_rt : 'create=1').'">';
 
 print_table ($table);
-echo '<div class="action-buttons" style="width: '.$table->width.'">';
+echo '<div class="action-buttons" style="width: 620px">';
 if ($id_rt != -1) 
 	print_submit_button (__('Update'), "crt", false, 'class="sub upd"');
 else
diff --git a/pandora_console/include/functions_db.php b/pandora_console/include/functions_db.php
index a7364f9380..62db1d37a5 100644
--- a/pandora_console/include/functions_db.php
+++ b/pandora_console/include/functions_db.php
@@ -1658,7 +1658,6 @@ function get_db_row_filter ($table, $filter, $fields = false, $where_join = 'AND
 		$filter = 'WHERE '.$filter;
 	else
 		$filter = '';
-	
 	$sql = sprintf ('SELECT %s FROM %s %s',
 		$fields, $table, $filter);
 	
@@ -1739,9 +1738,8 @@ function get_db_all_rows_filter ($table, $filter, $fields = false, $where_join =
 	} else {
 		$filter = '';
 	}
-	
+
 	$sql = sprintf ('SELECT %s FROM %s %s', $fields, $table, $filter);
-	
 	return get_db_all_rows_sql ($sql);
 }
 
@@ -2105,7 +2103,17 @@ function format_array_to_where_clause_sql ($values, $join = 'AND', $prefix = fal
 		} elseif (is_array ($value)) {
 			$query .= sprintf ('%s IN ("%s")', $field, implode ('", "', $value));
 		} else {
-			$query .= sprintf ("%s = '%s'", $field, $value);
+			if ($value[0] == ">"){
+				$value = substr($value,1,strlen($value)-1);
+				$query .= sprintf ("%s > '%s'", $field, $value);
+			}
+			else if ($value[0] == "<"){
+				$value = substr($value,1,strlen($value)-1);
+				$query .= sprintf ("%s < '%s'", $field, $value);
+			} 
+			else {
+				$query .= sprintf ("%s = '%s'", $field, $value);
+			}
 		}
 		
 		if ($i < $max) {
diff --git a/pandora_console/include/styles/pandora.css b/pandora_console/include/styles/pandora.css
index e84109b2e9..5c8a507343 100644
--- a/pandora_console/include/styles/pandora.css
+++ b/pandora_console/include/styles/pandora.css
@@ -5,7 +5,6 @@ Name: Default theme
 Description: The default Pandora FMS theme layout
 
 // Pandora FMS - the Flexible Monitoring System
-// =============================================
 // Copyright (c) 2004-2009 Artica Soluciones Tecnológicas S.L
 
 // This program is free software; you can redistribute it and/or
@@ -95,7 +94,7 @@ h4 {
 	color: #000;
 }
 a {
-	color: #486787;
+	color: #000;
 	text-decoration: none;
 }
 a:hover {
diff --git a/pandora_console/operation/servers/view_server_detail.php b/pandora_console/operation/servers/view_server_detail.php
index a1d8c2a787..4963765d36 100644
--- a/pandora_console/operation/servers/view_server_detail.php
+++ b/pandora_console/operation/servers/view_server_detail.php
@@ -49,7 +49,11 @@ $recon_tasks = get_db_all_rows_field_filter ("trecon_task", "id_recon_server", $
 echo "<h2>". __('Configuration detail') . " - ".safe_input ($server_name);
 echo '&nbsp;<a href="index.php?sec=estado_server&amp;sec2=operation/servers/view_server_detail&amp;server_id='.$id_server.'">';
 print_image ("images/refresh.png");
-echo "</a></h2>";
+echo "</a>&nbsp;";
+if (check_acl ($config["id_user"],0,"PW")){
+	echo "<a href='index.php?sec=gservers&sec2=godmode/servers/manage_recontask'><img 		src='images/setup.png'></A>";
+}
+echo "</h2>";
 
 
 // Show network tasks for Recon Server
diff --git a/pandora_console/pandoradb.sql b/pandora_console/pandoradb.sql
index eb7a58368e..3f89f0ac9b 100644
--- a/pandora_console/pandoradb.sql
+++ b/pandora_console/pandoradb.sql
@@ -564,10 +564,13 @@ CREATE TABLE IF NOT EXISTS `trecon_task` (
   `interval_sweep` int(10) unsigned NOT NULL default '0',
   `id_recon_server` int(10) unsigned NOT NULL default '0',
   `id_os` tinyint(4) NOT NULL default '0',
+  `recon_ports` varchar(250) NOT NULL default '',
   PRIMARY KEY  (`id_rt`),
   KEY `recon_task_daemon` (`id_recon_server`)
 ) ENGINE=InnoDB  DEFAULT CHARSET=utf8;
 
+
+
 CREATE TABLE IF NOT EXISTS `tserver` (
   `id_server` int(10) unsigned NOT NULL auto_increment,
   `name` varchar(100) NOT NULL default '',