url = ui_get_full_url( 'index.php?sec=gservers&sec2=godmode/servers/discovery&wiz=hd' ); $this->access = 'PM'; $this->page = $page; $this->breadcrum = $breadcrum; } /** * Run function. It will be call into HostsDevices class. * Page 0: Upload form. * Page 1: Task resume. * * @return void */ public function runManageNetScanScript() { global $config; if (check_acl($config['id_user'], 0, $this->access) === 0) { db_pandora_audit( 'ACL Violation', 'Trying to access Net Scan Script.' ); include 'general/noaccess.php'; return; } $run_url = 'index.php?sec=gservers&sec2=godmode/servers/discovery'; $breadcrum = [ [ 'link' => 'index.php?sec=gservers&sec2=godmode/servers/discovery', 'label' => 'Discovery', ], [ 'link' => $run_url.'&wiz=hd', 'label' => __('Host & Devices'), ], ]; for ($i = 0; $i < $this->MAXPAGES; $i++) { $breadcrum[] = [ 'link' => $run_url.'&wiz=hd&mode=managenetscanscripts&page='.$i, 'label' => __($this->pageLabels[$i]), 'selected' => (($i == $this->page) ? 1 : 0), ]; } if ($this->page < $this->MAXPAGES) { // Avoid to print header out of wizard. $this->prepareBreadcrum($breadcrum); // Header. ui_print_page_header( __('Net scan scripts'), '', false, '', true, '', false, '', GENERIC_SIZE_TEXT, '', $this->printHeader(true) ); } $id_script = get_parameter('id_script', 0); // Initialize msg. $msg = []; // Operations. $operation_scp = get_parameter('operation_scp', ''); if ($operation_scp !== '') { switch ($operation_scp) { case 'update_scp': $msg = $this->updateScanScripts($id_script); break; case 'delete_scp': $msg = $this->deleteScanScripts($id_script); break; case 'create_scp': $msg = $this->createScanScripts($id_script); break; default: // Nothing for doing. Never exist other operation. break; } } if (!isset($this->page) || $this->page === 0) { $this->printListNetScanScripts($msg); } if (!isset($this->page) || $this->page === 1) { $this->printFormScanScripts($id_script); } } /** * Create net scan script. * * @return array Check msg successfully or problem */ private function createScanScripts() { $result = []; $reconscript_name = get_parameter('form_name', ''); $reconscript_description = io_safe_input(strip_tags(io_safe_output((string) get_parameter('form_description')))); $reconscript_script = get_parameter('form_script', ''); // Get macros. $i = 1; $macros = []; while (1) { $macro = (string) get_parameter('field'.$i.'_macro'); if ($macro == '') { break; } $desc = (string) get_parameter('field'.$i.'_desc'); $help = (string) get_parameter('field'.$i.'_help'); $value = (string) get_parameter('field'.$i.'_value'); $hide = get_parameter('field'.$i.'_hide'); $macros[$i]['macro'] = $macro; $macros[$i]['desc'] = $desc; $macros[$i]['help'] = $help; $macros[$i]['value'] = $value; $macros[$i]['hide'] = $hide; $i++; } $macros = io_json_mb_encode($macros); $values = [ 'name' => $reconscript_name, 'description' => $reconscript_description, 'script' => $reconscript_script, 'macros' => $macros, ]; $result_crt = false; if ($values['name'] !== '' && $values['script'] !== '') { $result_crt = db_process_sql_insert('trecon_script', $values); if (!$result_crt) { $result = [ 'error' => 1, 'msg' => __('Problem creating'), ]; } else { $result = [ 'error' => 0, 'msg' => __('Created successfully'), ]; } } else { $result = [ 'error' => 1, 'msg' => __('Name or Script fullpath they can not be empty'), ]; } return $result; } /** * Update net scan script. * * @param integer $id_script Id script. * * @return array Check msg successfully or problem */ private function updateScanScripts(int $id_script) { $result = []; if (isset($id_script) === false || $id_script === 0) { $result = [ 'error' => 1, 'msg' => __('Problem deleting Net scan Scripts, Not selected script'), ]; return $result; } // If modified any parameter. $reconscript_name = get_parameter('form_name', ''); $reconscript_description = io_safe_input(strip_tags(io_safe_output((string) get_parameter('form_description')))); $reconscript_script = get_parameter('form_script', ''); // Get macros. $i = 1; $macros = []; while (1) { $macro = (string) get_parameter('field'.$i.'_macro'); if ($macro == '') { break; } $desc = (string) get_parameter('field'.$i.'_desc'); $help = (string) get_parameter('field'.$i.'_help'); $value = (string) get_parameter('field'.$i.'_value'); $hide = get_parameter('field'.$i.'_hide'); $macros[$i]['macro'] = $macro; $macros[$i]['desc'] = $desc; $macros[$i]['help'] = $help; $macros[$i]['value'] = $value; $macros[$i]['hide'] = $hide; $i++; } $macros = io_json_mb_encode($macros); $sql_update = sprintf( "UPDATE trecon_script SET name = '%s', description = '%s', script = '%s', macros = '%s' WHERE id_recon_script = %d", $reconscript_name, $reconscript_description, $reconscript_script, $macros, $id_script ); $result_upd = false; if ($reconscript_name !== '' && $reconscript_script !== '') { $result_upd = db_process_sql($sql_update); if (!$result_upd) { $result = [ 'error' => 1, 'msg' => __('Problem updating'), ]; } else { $result = [ 'error' => 0, 'msg' => __('Updated successfully'), ]; } } else { $result = [ 'error' => 1, 'msg' => __('Name or Script fullpath they can not be empty'), ]; } return $result; } /** * Delete net scan script. * * @param integer $id_script Id script. * * @return array Check msg successfully or problem */ private function deleteScanScripts(int $id_script) { $result = []; if (isset($id_script) === false || $id_script === 0) { $result = [ 'error' => 1, 'msg' => __('Problem deleting Net scan Scripts, Not selected script'), ]; return $result; } $result_dlt = db_process_sql_delete( 'trecon_script', ['id_recon_script' => $id_script] ); $result_dlt2 = db_process_sql_delete( 'trecon_task', ['id_recon_script' => $id_script] ); if (!$result_dlt) { $result = [ 'error' => 1, 'msg' => __('Problem deleting Net scan Scripts'), ]; } else { $result = [ 'error' => 0, 'msg' => __('Deleted successfully'), ]; } return $result; } /** * Print list Net scan scripts and messages operations. * * @param array $msg Print msg if necessary. * * @return void */ private function printListNetScanScripts(array $msg) { global $config; if (count($msg) > 0) { if ($msg['error'] === 1) { ui_print_error_message($msg['msg']); } else { ui_print_success_message($msg['msg']); } } $url = 'index.php?sec=gservers&sec2=godmode/servers/discovery'; $url .= '&wiz=hd&mode=managenetscanscripts'; // List available Net scan scripts. $rows = db_get_all_rows_in_table('trecon_script'); if ($rows !== false) { echo '
'.__('Name').' | '; echo ''.__('Description').' | '; echo ''.__('Delete').' | '; echo ''; $color = 0; foreach ($rows as $row) { if ($color == 1) { $tdcolor = 'datos'; $color = 0; } else { $tdcolor = 'datos2'; $color = 1; } echo '
---|---|---|
"; echo ''; echo $row['name']; echo ' | '; echo "";
$desc = io_safe_output(
$row['description']
);
$desc = str_replace(
"\n",
' ', $desc ); echo $desc.' '; echo ''.__('Command').': '.$row['script'].''; echo " | "; // Delete. echo ''; echo ' |