***********************
** FILE NAME : abuse.php
** SYSTEM NAME : Gnucomo - Gnu Computer Monitoring
-** VERSION NUMBER : $Revision: 1.1 $
+** VERSION NUMBER : $Revision: 1.2 $
**
** DESCRIPTION : Abuse list page
**
/*****************************
$Log: abuse.php,v $
- Revision 1.1 2005-06-04 07:24:38 arjen
+ Revision 1.2 2007-01-11 13:44:29 arjen
+ Manually edit parameters.
+ View logs from abusing IP addresses.
+
+ Revision 1.1 2005/06/04 07:24:38 arjen
New page: Abuse list
******************************/
-// RCSID = "$Id: abuse.php,v 1.1 2005-06-04 07:24:38 arjen Exp $";
+// RCSID = "$Id: abuse.php,v 1.2 2007-01-11 13:44:29 arjen Exp $";
ini_set('include_path', '.:./classes:../phpclasses');
"', '$Subnet', '$abuse_points', 'dropped')");
}
- echo "<form method='post'>";
- echo "Report <input type='submit' name='ACTION' value='Abuse'>";
- echo " for IP address <input type='text' name='source'>";
- echo "</form>";
-
- echo "<form method='post'>";
- echo "<input type='submit' name='ACTION' value='Investigate'>";
- echo " or <input type='submit' name='ACTION' value='Block'>";
- echo " this subnet: <input type='text' name='subnet'>";
- echo "</form>";
-
- $res = pg_exec($this->database, "SELECT * FROM object_abuse
- WHERE objectid='". $_GET['oid'] ."' ORDER BY source");
-
- echo pg_numrows($res) . " records found.<br>";
-
- echo "<table>";
- echo "<tr><th>IP address</th><th>Abuses</th><th>Status</th></tr>\n";
-
- for ($ip = 0; $ip < pg_numrows($res); $ip++)
+ if (!empty($_GET['src']))
{
- $abuse = pg_fetch_object($res, $ip);
- echo "<tr><td>";
- echo $abuse->source;
- echo "</td><td>";
- echo $abuse->nr_abuses;
- echo "</td><td>";
- echo $abuse->status;
- echo "</td></tr>";
+ $oid = $_GET['oid'];
+ $src = $_GET['src'];
+ $res = pg_exec($this->database, "SELECT logid FROM log_abuse WHERE objectid=$oid AND source <<= '$src'");
+ echo "<table>";
+ echo "<tr><th>Abused log entry</th></tr>";
+ for ($row = 0; $row < pg_numrows($res); $row++)
+ {
+ $logid = pg_fetch_object($res, $row);
+ //$log = pg_fetch_object(pg_exec($this->database, "SELECT rawdata FROM log WHERE logid=" . $logid->logid), 0);
+ echo "<tr><td>";
+ //echo $log->rawdata;
+ echo $logid->logid;
+ echo "</td></tr>";
+ }
+ echo "</table>";
+ }
+ else
+ {
+ echo "<form method='post'>";
+ echo "Report <input type='submit' name='ACTION' value='Abuse'>";
+ echo " for IP address <input type='text' name='source'>";
+ echo "</form>";
+
+ echo "<form method='post'>";
+ echo "<input type='submit' name='ACTION' value='Investigate'>";
+ echo " or <input type='submit' name='ACTION' value='Block'>";
+ echo " this subnet: <input type='text' name='subnet'>";
+ echo "</form>";
+
+ $res = pg_exec($this->database, "SELECT * FROM object_abuse
+ WHERE objectid='". $_GET['oid'] ."' ORDER BY source");
+
+ echo pg_numrows($res) . " records found.<br>";
+
+ echo "<table>";
+ echo "<tr><th>IP address</th><th>Abuses</th><th>Status</th><th>Last Changed</th></tr>\n";
+
+ for ($ip = 0; $ip < pg_numrows($res); $ip++)
+ {
+ $abuse = pg_fetch_object($res, $ip);
+ echo "<tr><td>";
+ echo $abuse->source;
+ echo "</td><td>";
+ echo "<a href='abuse.php?oid=" . $_GET['oid'] . "&src=" . $abuse->source . "'>" . $abuse->nr_abuses . "</a>";
+ echo "</td><td>";
+ echo $abuse->status;
+ echo "</td><td>";
+ echo $abuse->last_changed;
+ echo "</td></tr>";
+ }
+ echo "</table>";
}
- echo "</table>";
}
}
}
***********************
** FILE NAME : notification.php
** SYSTEM NAME : Gnucomo - Gnu Computer Monitoring
-** VERSION NUMBER : $Revision: 1.3 $
+** VERSION NUMBER : $Revision: 1.4 $
**
** DESCRIPTION : Display and handle notifications.
** There are two major views to this page: either a list of
/*****************************
$Log: notification.php,v $
- Revision 1.3 2003-02-21 08:49:16 arjen
+ Revision 1.4 2007-01-11 13:44:29 arjen
+ Manually edit parameters.
+ View logs from abusing IP addresses.
+
+ Revision 1.3 2003/02/21 08:49:16 arjen
Keep a record of each time a notification
is displayed. Either on a listing or in detail.
******************************/
-// RCSID = "$Id: notification.php,v 1.3 2003-02-21 08:49:16 arjen Exp $";
+// RCSID = "$Id: notification.php,v 1.4 2007-01-11 13:44:29 arjen Exp $";
ini_set('include_path', '.:./classes:../phpclasses');
class notification_page extends page
{
+ function notification_list($objectid)
+ {
+
+ // Display a list of all notifications for this object['oid']
+
+ $res = pg_exec($this->database, "SELECT objectname FROM object WHERE objectid=" . $objectid);
+ $obj = pg_fetch_object($res, 0);
+ echo "<h1>Notifications for " . $obj->objectname . "</h1><hr>";
+
+ $res = pg_exec($this->database, "SELECT notificationid, timestamp, type_of_issueid,
+ statuscode, priority
+ FROM notification WHERE objectid= CAST ('"
+ . $objectid ."' AS BIGINT) AND statuscode != 'cls'"
+ . " ORDER BY notificationid");
+
+ echo "<table>";
+ $row = 0;
+ while ($row < pg_numrows($res))
+ {
+ $note = pg_fetch_object($res, $row);
+ $r = pg_exec($this->database, "SELECT name from type_of_issue WHERE type_of_issueid = CAST('"
+ . $note->type_of_issueid . "' AS BIGINT)");
+ $issue = pg_fetch_object($r, 0);
+ echo "<tr><td align='center'>\n";
+ echo $note->timestamp;
+ echo "</td><td>";
+ echo $note->notificationid;
+ echo "</td><td>";
+ echo "<a href='notification.php?notid=";
+ echo $note->notificationid;
+ echo "'>";
+ echo $issue->name;
+ echo "</a>";
+ echo "</td><td>";
+ echo $note->statuscode;
+ echo "</td><td>";
+ echo $note->priority;
+ echo "</td></tr>\n";
+ $row++;
+
+ //Save evidence that this notification was presented to the user.
+ //$note->statuscode = add_action($this->database, $note, 21,
+ // "This notification was displayed with others from the same object");
+ }
+ echo "</table>";
+ }
+
function display_notification($note)
{
$res = pg_exec($this->database, "SELECT objectname FROM object WHERE objectid= CAST ('" . $note->objectid . "' AS BIGINT)");
$r = pg_exec($this->database, "SELECT * FROM log WHERE logid IN
( SELECT logid FROM log_notification
WHERE notificationid = CAST ('"
- . $note->notificationid . "' AS BIGINT))");
+ . $note->notificationid . "' AS BIGINT)) ORDER BY object_timestamp");
if (pg_numrows($r) > 0)
{
echo "<h2>Log entries involved in this notification</h2>";
echo "</td><td>";
echo $p->servicecode;
echo "</td><td>";
- echo $p->rawdata;
+ echo htmlentities($p->rawdata);
echo "</td></tr>";
}
$possible_action = array
(
- "opn" => array (3, 6, 7),
+ "opn" => array (3, 6, 7, 13),
"pen" => array (3, 6, 7, 8, 11, 18),
"inv" => array (3, 9),
"vrf" => array (12, 13),
$row++;
//Save evidence that this notification was presented to the user.
- $note->statuscode = add_action($this->database, $note, 21,
- "This notification was displayed with others from the same object");
+ //$note->statuscode = add_action($this->database, $note, 21,
+ // "This notification was displayed with others from the same object");
}
echo "</table>";
}
$this->display_notification($note);
echo "<hr>";
$this->notification_form($note);
+ $this->notification_list($note->objectid);
}
else if ($_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_GET['notid']))
{
$this->display_notification($note);
echo "<hr>";
$this->notification_form($note);
+ $this->notification_list($note->objectid);
}
else
{
***********************
** FILE NAME : parameter.php
** SYSTEM NAME : Gnucomo - Gnu Computer Monitoring
-** VERSION NUMBER : $Revision: 1.7 $
+** VERSION NUMBER : $Revision: 1.8 $
**
-** DESCRIPTION :
+** DESCRIPTION : Parameter administration for a specific object.
+** Input - GET[oid] : Object id
**
** EXPORTED OBJECTS :
** LOCAL OBJECTS :
/*****************************
$Log: parameter.php,v $
- Revision 1.7 2003-12-03 08:03:28 arjen
+ Revision 1.8 2007-01-11 13:44:29 arjen
+ Manually edit parameters.
+ View logs from abusing IP addresses.
+
+ Revision 1.7 2003/12/03 08:03:28 arjen
Optionally show or hide removed parameters from the parameter
comparison page.
******************************/
-// RCSID = "$Id: parameter.php,v 1.7 2003-12-03 08:03:28 arjen Exp $";
+// RCSID = "$Id: parameter.php,v 1.8 2007-01-11 13:44:29 arjen Exp $";
ini_set('include_path', '.:./classes:../phpclasses');
if (!empty($_GET['oid']))
{
- $res = pg_exec($this->database, "SELECT objectname FROM object WHERE objectid=CAST('" . $_GET['oid']."' AS BIGINT)");
+ $ObjId = $_GET['oid'];
+
+ $res = pg_exec($this->database, "SELECT objectname FROM object WHERE objectid=CAST('" . $ObjId ."' AS BIGINT)");
$obj = pg_fetch_object($res, 0);
echo "<h1>Parameters for " . $obj->objectname . "</h1>";
- $res = pg_exec($this->database, "SELECT paramid, class, name, description FROM parameter "
- ."WHERE objectid= CAST('" . $_GET['oid'] . "' AS BIGINT) order by class, name");
+ echo "Action = " . $_POST['action'] . "<br>";
+ // See if we have an update for the database
+ if (isset($_POST['action']) && $_POST['action'] == 'Create Parameter')
+ {
+ $name = $_POST['paramname'];
+ $class = $_POST['paramclass'];
+ $description = $_POST['paramdescr'];
+
+ echo "<h2>Creating parameter $name of class $class.</h2>";
+
+ echo "<form action='parameter.php?oid=$ObjId' method='post'>";
+ echo "<input type='hidden' name='paramclass' value='$class'>";
+ echo "<input type='hidden' name='paramname' value='$name'>";
+ echo "Description : <input type='text' name='paramdescr' value='$description'>";
+ echo "<br>";
+ echo "<table>";
+ echo "<tr><th>Property</th><th>Description</th><th>Value</th></tr>";
+
+ $class_res = pg_exec($this->database, "SELECT * FROM parameter_class WHERE name='$class'");
+ for ($row = 0; $row < pg_numrows($class_res); $row++)
+ {
+ $prop = pg_fetch_object($class_res, $row);
+ echo "<tr>";
+ echo "<td>", $prop->property_name, "</td><td>", $prop->description, "</td>";
+ echo "<td><input type='text' name='" . $prop->property_name . "'></td>";
+ echo "</tr>";
+ }
+ echo "</table>";
+ echo "<input type='submit' name='action' value='Save New Parameter'>";
+ echo "</form>";
+ }
+
+ if (isset($_POST['action']) && $_POST['action'] == 'Save New Parameter')
+ {
+ $name = $_POST['paramname'];
+ $class = $_POST['paramclass'];
+ $description = $_POST['paramdescr'];
+
+ echo "<h2>Saving new parameter $name of class $class.</h2>";
+
+ echo "Description : $description";
+ echo "<br>";
+
+ $insertion = "insert into parameter (objectid, name, class, description) values ";
+ $insertion .= "('$ObjId', '$name', '$class', '$description')";
+ pg_exec($this->database, $insertion);
+ $par = pg_fetch_object(pg_exec($this->database, "select currval('paramid_seq')"), 0);
+
+ echo "<table>";
+ echo "<tr><th>Property</th><th>Description</th><th>Value</th></tr>";
+
+ $class_res = pg_exec($this->database, "SELECT * FROM parameter_class WHERE name='$class'");
+ for ($row = 0; $row < pg_numrows($class_res); $row++)
+ {
+ $prop = pg_fetch_object($class_res, $row);
+ $insertion = "insert into property (paramid, name, value, type, min, max) values ('";
+ $insertion .= $par->currval . "', '" . $prop->property_name . "', '";
+ $insertion .= $_POST[$prop->property_name] . "', '" . $prop->property_type . "', '";
+ $insertion .= $prop->min . "', '" . $prop->max . "')";
+
+ pg_exec($this->database, $insertion);
+
+ $insertion = "insert into history (paramid, modified, change_nature, changed_property, new_value)";
+ $insertion .= " values ('" . $par->currval . "', '";
+ $insertion .= date('Y-m-d H:i:s') . "', 'CREATED', '";
+ $insertion .= $prop->property_name . "', '" . $_POST[$prop->property_name] . "')";
+
+ pg_exec($this->database, $insertion);
+
+ echo "<tr>";
+ echo "<td>", $prop->property_name, "</td><td>", $prop->description, "</td>";
+ echo "<td>" . $_POST[$prop->property_name] . "</td>";
+ echo "</tr>";
+ }
+ echo "</table>";
+ }
+
?>
<form action='parameter_compare.php' method='post'>
- <input type='hidden' name='oid' value='<?php echo $_GET['oid'] ?>'>
+ <input type='hidden' name='oid' value='<?php echo $ObjId ?>'>
Compare to object:
<select name='compare_to'>
- <?php object_selection($this->database, $_GET['oid']); ?>
+ <?php object_selection($this->database, $ObjId ); ?>
</select>
<input type='hidden' name='class' value='package'>
<input type='checkbox' name='show_removed' value='on'>Show removed parameters
echo "<table>";
$row = 0;
$start_time = getmicrotime();
+ $res = pg_exec($this->database, "SELECT paramid, class, name, description FROM parameter "
+ ."WHERE objectid= CAST('" . $ObjId . "' AS BIGINT) order by class, name");
while ($row < pg_numrows($res))
{
$par = pg_fetch_object($res, $row);
<tr><td align='center'>
<?php echo $par->class?>
</td><td>
- <?php echo $par->name?>
+ <?php echo "<a href=parameter.php?paramid=" . $par->paramid . ">" . $par->name . "</a>"?>
</td><td>
<?php echo $par->description?>
</td><td>
echo "$row parameters in " . round($duration, 3) . " seconds (";
echo round($duration / $row * 1000, 3) . " milliseconds per parameter).<br>";
+ ?>
+ <h2>Create new parameter:</h2>
+ <p>
+ <form action='parameter.php?oid=<?php echo $ObjId ?>' method='post'>
+ Class : <input type='text' name='paramclass'>
+ Name : <input type='text' name='paramname'>
+ Description : <input type='text' name='paramdescr'>
+ <br>
+ <input type='submit' name='action' value='Create Parameter'>
+ </form>
+ </p>
+ <?php
+ }
+ if (!empty($_GET['paramid']))
+ {
+ // Edit a specific parameter
+
+ $paramid = $_GET['paramid'];
+ $par = pg_fetch_object(pg_exec($this->database, "SELECT * FROM parameter WHERE paramid='$paramid'"), 0);
+
+ if (isset($_POST['action']) && $_POST['action'] == 'Update Parameter')
+ {
+ // Update each property if its value has changed
+
+ $class_res = pg_exec($this->database, "SELECT * FROM parameter_class WHERE name='" . $par->class . "'");
+ for ($row = 0; $row < pg_numrows($class_res); $row++)
+ {
+ $prop = pg_fetch_object($class_res, $row);
+ $pname = $prop->property_name;
+ $property = pg_fetch_object(pg_exec($this->database,
+ "SELECT value FROM property WHERE paramid='$paramid' AND name='$pname'"), 0);
+ $pvalue = $property->value;
+ if ($pvalue != $_POST[$pname])
+ {
+ $pvalue = $_POST[$pname];
+
+ pg_exec($this->database, "UPDATE property SET value='$pvalue' WHERE paramid='$paramid' AND name='$pname'");
+
+ $insertion = "insert into history (paramid, modified, change_nature, changed_property, new_value)";
+ $insertion .= " values ('" . $paramid . "', '";
+ $insertion .= date('Y-m-d H:i:s') . "', 'MODIFIED', '";
+ $insertion .= $pname . "', '" . $pvalue . "')";
+
+ pg_exec($this->database, $insertion);
+ }
+ }
+ }
+
+ echo "<h1>Parameter " . $par->name . " of class " . $par->class . "</h1>\n";
+
+ echo "<form action='parameter.php?paramid=$paramid' method='post'>\n";
+ echo "Description : <input type='text' name='paramdescr' value='" . $par->description . "'>\n";
+ echo "<br>";
+ echo "<table>\n";
+ echo "<tr><th>Property</th><th>Description</th><th>Value</th></tr>\n";
+
+ $class_res = pg_exec($this->database, "SELECT * FROM parameter_class WHERE name='" . $par->class . "'");
+ for ($row = 0; $row < pg_numrows($class_res); $row++)
+ {
+ $prop = pg_fetch_object($class_res, $row);
+ $pname = $prop->property_name;
+ $property = pg_fetch_object(pg_exec($this->database,
+ "SELECT value FROM property WHERE paramid='$paramid' AND name='$pname'"), 0);
+ $pvalue = $property->value;
+ echo "<tr>";
+ echo "<td>", $pname, "</td><td>", $prop->description, "</td>";
+ echo "<td><input type='text' name='$pname' value='$pvalue'></td>";
+ echo "</tr>\n";
+ }
+ echo "</table>\n";
+ echo "<input type='submit' name='action' value='Update Parameter'>\n";
+ echo "</form>\n";
+
+ echo "<h2>Change history for " . $par->class . " parameter " . $par->name . "</h2>";
+
+ $histres = pg_exec($this->database, "SELECT * FROM history WHERE paramid='$paramid' ORDER BY modified");
+ echo "<table>";
+ for ($row = 0; $row < pg_numrows($histres); $row++)
+ {
+ $hist = pg_fetch_object($histres, $row);
+ echo "<tr>";
+ echo "<td>" . $hist->changed_property . "</td>";
+ echo "<td>" . $hist->modified . "</td>";
+ echo "<td>" . $hist->change_nature . "</td>";
+ echo "<td>" . $hist->new_value . "</td>";
+ echo "</tr>\n";
+ }
+ echo "</table>";
}
}
}