diff --git a/pandora_console/godmode/servers/manage_recontask.php b/pandora_console/godmode/servers/manage_recontask.php
index 34e7af5228..47ea18ddda 100644
--- a/pandora_console/godmode/servers/manage_recontask.php
+++ b/pandora_console/godmode/servers/manage_recontask.php
@@ -35,6 +35,9 @@ if (check_acl ($config['id_user'], 0, "AW")) {
$user_groups = users_get_groups(false, 'AW', true, false, null, 'id_grupo');
$user_groups = array_keys($user_groups);
+$user_groups_r = users_get_groups(false, 'AR', true, false, null, 'id_grupo');
+$user_groups_r = array_keys($user_groups_r);
+
// Headers
//ui_print_page_header (__('Manage recontask'), "images/gm_servers.png", false, "", true);
ui_print_page_header (__('Manage recontask'), "images/gm_servers.png", false, "", true, $options);
@@ -152,14 +155,24 @@ if (isset($_GET["update"])) {
$reason = '';
if ($name != "") {
- if (($id_recon_script == 'NULL') && preg_match("/[0-9]+.+[0-9]+.+[0-9]+.+[0-9]+\/+[0-9]/", $network))
+ if ((db_get_value_filter ('name', 'trecon_task', array ('name' => $name))) && (!preg_match("/[0-9]+.+[0-9]+.+[0-9]+.+[0-9]+\/+[0-9]/", $network))){
+ $reason = __('Recon-task name already exists and incorrect format in Subnet field');
+ $result = false;
+ }
+ else if(db_get_value_filter ('name', 'trecon_task', array ('name' => $name))){
+ $reason = __('Recon-task name already exists');
+ $result = false;
+ }
+ else if ((empty($id_recon_script)) && preg_match("/[0-9]+.+[0-9]+.+[0-9]+.+[0-9]+\/+[0-9]/", $network)){
$result = db_process_sql_update('trecon_task', $values, $where);
- elseif ($id_recon_script != 'NULL')
+ }
+ elseif (!empty($id_recon_script)){
$result = db_process_sql_update('trecon_task', $values, $where);
+ }
else {
if (!preg_match("/[0-9]+.+[0-9]+.+[0-9]+.+[0-9]+\/+[0-9]/", $network))
$reason = __('Incorrect format in Subnet field');
- $result = false;
+ $result = false;
}
}
else
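Review bot: The duplicate-name test added to the update branch, `db_get_value_filter ('name', 'trecon_task', array ('name' => $name))`, does not exclude the task being edited. Saving a task without renaming it therefore appears to always land in "Recon-task name already exists", unless code outside the hunk clears `$name` when it is unchanged. Fetch the id of the matching row instead of its name and treat it as a collision only when that id differs from the one used to build `$where`. The lookup is also issued twice in the same chain; run it once into a local such as `$name_taken` and branch on that. The enclosing `if (isset($_GET["update"]))` block starts and ends outside the hunk.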
@@ -207,8 +220,21 @@ if (isset($_GET["create"])) {
$name = io_safe_input($name);
$reason = "";
- if (($name != "") && (! db_get_value_filter ('name', 'trecon_task', array ('name' => $name)))) {
- if (($id_recon_script == 'NULL') && preg_match("/[0-9]+.+[0-9]+.+[0-9]+.+[0-9]+\/+[0-9]/", $network))
+
+ if ($name != "") {
+ if ((db_get_value_filter ('name', 'trecon_task', array ('name' => $name))) && (!preg_match("/[0-9]+.+[0-9]+.+[0-9]+.+[0-9]+\/+[0-9]/", $network))){
+ $reason = __('Recon-task name already exists and incorrect format in Subnet field');
+ $result = false;
+ }
+ else if (!preg_match("/[0-9]+.+[0-9]+.+[0-9]+.+[0-9]+\/+[0-9]/", $network)){
+ $reason = __('Incorrect format in Subnet field');
+ $result = false;
+ }
+ else if (db_get_value_filter ('name', 'trecon_task', array ('name' => $name))){
+ $reason = __('Recon-task name already exists');
+ $result = false;
+ }
+ else if (empty($id_recon_script) && preg_match("/[0-9]+.+[0-9]+.+[0-9]+.+[0-9]+\/+[0-9]/", $network))
{
$result = db_process_sql_insert('trecon_task', $values);
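Review bot: The subnet check `/[0-9]+.+[0-9]+.+[0-9]+.+[0-9]+\/+[0-9]/` is unanchored and its dots are unescaped, so it accepts any string that merely contains four digit runs and a slash, with arbitrary characters between and around them. The value is stored in `trecon_task` and is presumably consumed later by the recon server, so it should be validated strictly at this boundary. If the field is meant to hold a single IPv4 CIDR, use an anchored form such as `preg_match('/^\d{1,3}(\.\d{1,3}){3}\/\d{1,2}$/', $network)` and range-check the octets and the prefix length. The same literal is repeated three times in this hunk and three times in the update hunk above, so hoisting it into one helper keeps the two paths from drifting apart.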
@@ -217,18 +243,13 @@ if (isset($_GET["create"])) {
elseif ($id_recon_script != 'NULL') {
$result = db_process_sql_insert('trecon_task', $values);
}
- else {
- if (!preg_match("/[0-9]+.+[0-9]+.+[0-9]+.+[0-9]+\/+[0-9]/", $network))
- $reason = __('Incorrect format in Subnet field');
+ else{
+ $reason = __('Error');
$result = false;
}
}
else {
- $result = false;
- }
-
- if (db_get_value_filter ('name', 'trecon_task', array ('name' => $name))){
- $reason = __('Recon-task name already exists');
+ $reason = 'The field "Task name" is empty';
$result = false;
}
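Review bot: The new message `$reason = 'The field "Task name" is empty';` is not passed through `__()`, unlike every other `$reason` in this file's hunks, so it will not be translated; write `$reason = __('The field "Task name" is empty');`. The fallback `__('Error')` in the preceding `else` tells the operator nothing about which condition failed, so a message naming the rejected field would be more useful there.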
@@ -270,86 +291,87 @@ if ($result !== false) {
$table->style[8] = 'text-align: center;';
foreach ($result as $row) {
- $data = array();
- //$data[0] = ''.$row["name"].'';
- $data[0] = $row["name"];
+ if (in_array($row["id_group"], $user_groups_r)){
+ $data = array();
+ $data[0] = $row["name"];
- if ($row["id_recon_script"] == 0)
- $data[1] = $row["subnet"];
- else
- $data[1] =__("N/A");
+ if ($row["id_recon_script"] == 0)
+ $data[1] = $row["subnet"];
+ else
+ $data[1] =__("N/A");
- if ($row["id_recon_script"] == 0) {
- // Network recon task
- $data[2] = html_print_image ("images/network.png", true, array ("title" => __('Network recon task')))." ";
- $data[2] .= network_profiles_get_name ($row["id_network_profile"]);
- }
- else {
- // APP recon task
- $data[2] = html_print_image ("images/plugin.png", true). " ";
- $data[2] .= db_get_sql (sprintf("SELECT name FROM trecon_script WHERE id_recon_script = %d", $row["id_recon_script"]));
- }
+ if ($row["id_recon_script"] == 0) {
+ // Network recon task
+ $data[2] = html_print_image ("images/network.png", true, array ("title" => __('Network recon task')))." ";
+ $data[2] .= network_profiles_get_name ($row["id_network_profile"]);
+ }
+ else {
+ // APP recon task
+ $data[2] = html_print_image ("images/plugin.png", true). " ";
+ $data[2] .= db_get_sql (sprintf("SELECT name FROM trecon_script WHERE id_recon_script = %d", $row["id_recon_script"]));
+ }
- // GROUP
- if ($row["id_recon_script"] == 0) {
- $data[3] = ui_print_group_icon ($row["id_group"], true);
- }
- else {
- $data[3] = "-";
- }
+ // GROUP
+ if ($row["id_recon_script"] == 0) {
+ $data[3] = ui_print_group_icon ($row["id_group"], true);
+ }
+ else {
+ $data[3] = "-";
+ }
- // INCIDENT
- $data[4] = (($row["create_incident"] == 1) ? __('Yes') : __('No'));
+ // INCIDENT
+ $data[4] = (($row["create_incident"] == 1) ? __('Yes') : __('No'));
- // OS
- if ($row["id_recon_script"] == 0) {
- $data[5] =(($row["id_os"] > 0) ? ui_print_os_icon ($row["id_os"], false, true) : __('Any'));
- }
- else {
- $data[5] = "-";
- }
- // INTERVAL
- if ($row["interval_sweep"]==0)
- $data[6] = __("Manual");
- else
- $data[6] =human_time_description_raw($row["interval_sweep"]);
+ // OS
+ if ($row["id_recon_script"] == 0) {
+ $data[5] =(($row["id_os"] > 0) ? ui_print_os_icon ($row["id_os"], false, true) : __('Any'));
+ }
+ else {
+ $data[5] = "-";
+ }
+ // INTERVAL
+ if ($row["interval_sweep"]==0)
+ $data[6] = __("Manual");
+ else
+ $data[6] =human_time_description_raw($row["interval_sweep"]);
- // PORTS
- if ($row["id_recon_script"] == 0) {
- $data[7] = substr($row["recon_ports"],0,15);
- }
- else {
- $data[7] = "-";
- }
+ // PORTS
+ if ($row["id_recon_script"] == 0) {
+ $data[7] = substr($row["recon_ports"],0,15);
+ }
+ else {
+ $data[7] = "-";
+ }
- $task_group = $row["id_group"];
+ $task_group = $row["id_group"];
- if (in_array($task_group, $user_groups)){
+ if (in_array($task_group, $user_groups)){
+ $data[8] = '' . html_print_image("images/eye.png", true) . '';
+ $data[8] .= '' . html_print_image("images/cross.png", true, array("border" => '0')) . '';
+ $data[8] .= '' .html_print_image("images/config.png", true) . '';
+
+ if($row["disabled"] == 0) {
+ $data[8] .= '' .html_print_image("images/lightbulb.png", true) . '';
+ }
+ else {
+ $data[8] .= '' .html_print_image("images/lightbulb_off.png", true) . '';
+ }
+ }
+ // ACTION
$data[8] = '' . html_print_image("images/eye.png", true) . '';
$data[8] .= '' . html_print_image("images/cross.png", true, array("border" => '0')) . '';
$data[8] .= '' .html_print_image("images/config.png", true) . '';
-
+
if($row["disabled"] == 0) {
$data[8] .= '' .html_print_image("images/lightbulb.png", true) . '';
}
else {
$data[8] .= '' .html_print_image("images/lightbulb_off.png", true) . '';
}
+ $table->data[] = $data;
}
- // ACTION
- $data[8] = '' . html_print_image("images/eye.png", true) . '';
- $data[8] .= '' . html_print_image("images/cross.png", true, array("border" => '0')) . '';
- $data[8] .= '' .html_print_image("images/config.png", true) . '';
-
- if($row["disabled"] == 0) {
- $data[8] .= '' .html_print_image("images/lightbulb.png", true) . '';
- }
- else {
- $data[8] .= '' .html_print_image("images/lightbulb_off.png", true) . '';
- }
- $table->data[] = $data;
}
html_print_table ($table);
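Review bot: The `$data[8] = ...` run kept after the new `// ACTION` comment reassigns the action cell for every listed row, so the `in_array($task_group, $user_groups)` guard added just above it has no effect. Users who hold only AR on the task's group still get the view, delete, edit and enable/disable icons. Remove that second run (the three `$data[8]` lines and the `disabled` if/else following `// ACTION`) and set `$data[8] = '';` before the guard so the column is always defined. Hiding the icons is presentation only: the delete, update and disable handlers are outside this hunk and should themselves check the task's `id_group` against `$user_groups` before acting.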
diff --git a/pandora_console/godmode/servers/manage_recontask_form.php b/pandora_console/godmode/servers/manage_recontask_form.php
index 464ef3d4ac..194ca178a6 100644
--- a/pandora_console/godmode/servers/manage_recontask_form.php
+++ b/pandora_console/godmode/servers/manage_recontask_form.php
@@ -62,11 +62,11 @@ if (is_ajax ()) {
}
// Edit mode
-if (isset ($_GET["update"]) or (isset($_GET["crt"]))) {
+if (isset ($_GET["update"]) or (isset($_GET["upd"]))) {
$update_recon = true;
- if (isset ($_GET["crt"])) {
- if ($_GET["crt"] != "update") {
+ if (isset ($_GET["upd"])) {
+ if ($_GET["upd"] != "update") {
$update_recon = false;
}
else {