From 0a1c68bebf72688fd42dfe5eff0080e848ab766d Mon Sep 17 00:00:00 2001 From: arjen Date: Thu, 11 Jan 2007 13:44:29 +0000 Subject: [PATCH] Manually edit parameters. View logs from abusing IP addresses. --- src/web/abuse.php | 91 ++++++++++++++-------- src/web/menu.html | 1 + src/web/notification.php | 69 +++++++++++++++-- src/web/page.class.php | 12 ++- src/web/parameter.php | 192 ++++++++++++++++++++++++++++++++++++++++++++--- 5 files changed, 311 insertions(+), 54 deletions(-) diff --git a/src/web/abuse.php b/src/web/abuse.php index 2595e0b..28eb373 100644 --- a/src/web/abuse.php +++ b/src/web/abuse.php @@ -9,7 +9,7 @@ *********************** ** FILE NAME : abuse.php ** SYSTEM NAME : Gnucomo - Gnu Computer Monitoring -** VERSION NUMBER : $Revision: 1.1 $ +** VERSION NUMBER : $Revision: 1.2 $ ** ** DESCRIPTION : Abuse list page ** @@ -27,12 +27,16 @@ /***************************** $Log: abuse.php,v $ - Revision 1.1 2005-06-04 07:24:38 arjen + Revision 1.2 2007-01-11 13:44:29 arjen + Manually edit parameters. + View logs from abusing IP addresses. + + Revision 1.1 2005/06/04 07:24:38 arjen New page: Abuse list ******************************/ -// RCSID = "$Id: abuse.php,v 1.1 2005-06-04 07:24:38 arjen Exp $"; +// RCSID = "$Id: abuse.php,v 1.2 2007-01-11 13:44:29 arjen Exp $"; ini_set('include_path', '.:./classes:../phpclasses'); @@ -122,37 +126,60 @@ class abuse_list extends page "', '$Subnet', '$abuse_points', 'dropped')"); } - echo "
"; - echo "Report "; - echo " for IP address "; - echo "
"; - - echo "
"; - echo ""; - echo " or "; - echo " this subnet: "; - echo "
"; - - $res = pg_exec($this->database, "SELECT * FROM object_abuse - WHERE objectid='". $_GET['oid'] ."' ORDER BY source"); - - echo pg_numrows($res) . " records found.
"; - - echo ""; - echo "\n"; - - for ($ip = 0; $ip < pg_numrows($res); $ip++) + if (!empty($_GET['src'])) { - $abuse = pg_fetch_object($res, $ip); - echo ""; + $oid = $_GET['oid']; + $src = $_GET['src']; + $res = pg_exec($this->database, "SELECT logid FROM log_abuse WHERE objectid=$oid AND source <<= '$src'"); + echo "
IP addressAbusesStatus
"; - echo $abuse->source; - echo ""; - echo $abuse->nr_abuses; - echo ""; - echo $abuse->status; - echo "
"; + echo ""; + for ($row = 0; $row < pg_numrows($res); $row++) + { + $logid = pg_fetch_object($res, $row); + //$log = pg_fetch_object(pg_exec($this->database, "SELECT rawdata FROM log WHERE logid=" . $logid->logid), 0); + echo ""; + } + echo "
Abused log entry
"; + //echo $log->rawdata; + echo $logid->logid; + echo "
"; + } + else + { + echo "
"; + echo "Report "; + echo " for IP address "; + echo "
"; + + echo "
"; + echo ""; + echo " or "; + echo " this subnet: "; + echo "
"; + + $res = pg_exec($this->database, "SELECT * FROM object_abuse + WHERE objectid='". $_GET['oid'] ."' ORDER BY source"); + + echo pg_numrows($res) . " records found.
"; + + echo ""; + echo "\n"; + + for ($ip = 0; $ip < pg_numrows($res); $ip++) + { + $abuse = pg_fetch_object($res, $ip); + echo ""; + } + echo "
IP addressAbusesStatusLast Changed
"; + echo $abuse->source; + echo ""; + echo "" . $abuse->nr_abuses . ""; + echo ""; + echo $abuse->status; + echo ""; + echo $abuse->last_changed; + echo "
"; } - echo ""; } } } diff --git a/src/web/menu.html b/src/web/menu.html index 7443d80..3ea50d2 100644 --- a/src/web/menu.html +++ b/src/web/menu.html @@ -9,6 +9,7 @@ Objects Users Services + Issues Classes Logout
diff --git a/src/web/notification.php b/src/web/notification.php index c687b6d..d779819 100644 --- a/src/web/notification.php +++ b/src/web/notification.php @@ -9,7 +9,7 @@ *********************** ** FILE NAME : notification.php ** SYSTEM NAME : Gnucomo - Gnu Computer Monitoring -** VERSION NUMBER : $Revision: 1.3 $ +** VERSION NUMBER : $Revision: 1.4 $ ** ** DESCRIPTION : Display and handle notifications. ** There are two major views to this page: either a list of @@ -36,7 +36,11 @@ /***************************** $Log: notification.php,v $ - Revision 1.3 2003-02-21 08:49:16 arjen + Revision 1.4 2007-01-11 13:44:29 arjen + Manually edit parameters. + View logs from abusing IP addresses. + + Revision 1.3 2003/02/21 08:49:16 arjen Keep a record of each time a notification is displayed. Either on a listing or in detail. @@ -48,7 +52,7 @@ ******************************/ -// RCSID = "$Id: notification.php,v 1.3 2003-02-21 08:49:16 arjen Exp $"; +// RCSID = "$Id: notification.php,v 1.4 2007-01-11 13:44:29 arjen Exp $"; ini_set('include_path', '.:./classes:../phpclasses'); @@ -109,6 +113,53 @@ function add_action($db, $note, $actionid, $remark) class notification_page extends page { + function notification_list($objectid) + { + + // Display a list of all notifications for this object['oid'] + + $res = pg_exec($this->database, "SELECT objectname FROM object WHERE objectid=" . $objectid); + $obj = pg_fetch_object($res, 0); + echo "

Notifications for " . $obj->objectname . "

"; + + $res = pg_exec($this->database, "SELECT notificationid, timestamp, type_of_issueid, + statuscode, priority + FROM notification WHERE objectid= CAST ('" + . $objectid ."' AS BIGINT) AND statuscode != 'cls'" + . " ORDER BY notificationid"); + + echo ""; + $row = 0; + while ($row < pg_numrows($res)) + { + $note = pg_fetch_object($res, $row); + $r = pg_exec($this->database, "SELECT name from type_of_issue WHERE type_of_issueid = CAST('" + . $note->type_of_issueid . "' AS BIGINT)"); + $issue = pg_fetch_object($r, 0); + echo "\n"; + $row++; + + //Save evidence that this notification was presented to the user. + //$note->statuscode = add_action($this->database, $note, 21, + // "This notification was displayed with others from the same object"); + } + echo "
\n"; + echo $note->timestamp; + echo ""; + echo $note->notificationid; + echo ""; + echo ""; + echo $issue->name; + echo ""; + echo ""; + echo $note->statuscode; + echo ""; + echo $note->priority; + echo "
"; + } + function display_notification($note) { $res = pg_exec($this->database, "SELECT objectname FROM object WHERE objectid= CAST ('" . $note->objectid . "' AS BIGINT)"); @@ -197,7 +248,7 @@ class notification_page extends page $r = pg_exec($this->database, "SELECT * FROM log WHERE logid IN ( SELECT logid FROM log_notification WHERE notificationid = CAST ('" - . $note->notificationid . "' AS BIGINT))"); + . $note->notificationid . "' AS BIGINT)) ORDER BY object_timestamp"); if (pg_numrows($r) > 0) { echo "

Log entries involved in this notification

"; @@ -213,7 +264,7 @@ class notification_page extends page echo ""; echo $p->servicecode; echo ""; - echo $p->rawdata; + echo htmlentities($p->rawdata); echo ""; } @@ -233,7 +284,7 @@ class notification_page extends page $possible_action = array ( - "opn" => array (3, 6, 7), + "opn" => array (3, 6, 7, 13), "pen" => array (3, 6, 7, 8, 11, 18), "inv" => array (3, 9), "vrf" => array (12, 13), @@ -311,8 +362,8 @@ class notification_page extends page $row++; //Save evidence that this notification was presented to the user. - $note->statuscode = add_action($this->database, $note, 21, - "This notification was displayed with others from the same object"); + //$note->statuscode = add_action($this->database, $note, 21, + // "This notification was displayed with others from the same object"); } echo ""; } @@ -341,6 +392,7 @@ class notification_page extends page $this->display_notification($note); echo "
"; $this->notification_form($note); + $this->notification_list($note->objectid); } else if ($_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_GET['notid'])) { @@ -356,6 +408,7 @@ class notification_page extends page $this->display_notification($note); echo "
"; $this->notification_form($note); + $this->notification_list($note->objectid); } else { diff --git a/src/web/page.class.php b/src/web/page.class.php index 39f45a0..d0b0332 100644 --- a/src/web/page.class.php +++ b/src/web/page.class.php @@ -8,7 +8,7 @@ *********************** ** FILE NAME : page.class.php ** SYSTEM NAME : Gnucomo - Gnu Computer Monitoring -** VERSION NUMBER : $Revision: 1.7 $ +** VERSION NUMBER : $Revision: 1.8 $ ** ** DESCRIPTION : Base class for Gnucomo web interface pages. ** @@ -26,7 +26,11 @@ /***************************** $Log: page.class.php,v $ - Revision 1.7 2003-12-24 07:41:23 arjen + Revision 1.8 2007-01-11 13:44:29 arjen + Manually edit parameters. + View logs from abusing IP addresses. + + Revision 1.7 2003/12/24 07:41:23 arjen Changed version number Revision 1.6 2003/09/04 06:53:40 arjen @@ -50,7 +54,7 @@ ******************************/ -// RCSID = "$Id: page.class.php,v 1.7 2003-12-24 07:41:23 arjen Exp $"; +// RCSID = "$Id: page.class.php,v 1.8 2007-01-11 13:44:29 arjen Exp $"; require_once('gnucomo_config.php'); @@ -117,7 +121,7 @@ class page $this->database = false; $this->path = $path; session_start(); - set_error_handler("error"); + //set_error_handler("error"); } function Head() diff --git a/src/web/parameter.php b/src/web/parameter.php index 110a5fb..393457b 100644 --- a/src/web/parameter.php +++ b/src/web/parameter.php @@ -9,9 +9,10 @@ *********************** ** FILE NAME : parameter.php ** SYSTEM NAME : Gnucomo - Gnu Computer Monitoring -** VERSION NUMBER : $Revision: 1.7 $ +** VERSION NUMBER : $Revision: 1.8 $ ** -** DESCRIPTION : +** DESCRIPTION : Parameter administration for a specific object. +** Input - GET[oid] : Object id ** ** EXPORTED OBJECTS : ** LOCAL OBJECTS : @@ -27,7 +28,11 @@ /***************************** $Log: parameter.php,v $ - Revision 1.7 2003-12-03 08:03:28 arjen + Revision 1.8 2007-01-11 13:44:29 arjen + Manually edit parameters. + View logs from abusing IP addresses. + + Revision 1.7 2003/12/03 08:03:28 arjen Optionally show or hide removed parameters from the parameter comparison page. @@ -48,7 +53,7 @@ ******************************/ -// RCSID = "$Id: parameter.php,v 1.7 2003-12-03 08:03:28 arjen Exp $"; +// RCSID = "$Id: parameter.php,v 1.8 2007-01-11 13:44:29 arjen Exp $"; ini_set('include_path', '.:./classes:../phpclasses'); @@ -87,19 +92,96 @@ class param_page extends page if (!empty($_GET['oid'])) { - $res = pg_exec($this->database, "SELECT objectname FROM object WHERE objectid=CAST('" . $_GET['oid']."' AS BIGINT)"); + $ObjId = $_GET['oid']; + + $res = pg_exec($this->database, "SELECT objectname FROM object WHERE objectid=CAST('" . $ObjId ."' AS BIGINT)"); $obj = pg_fetch_object($res, 0); echo "

Parameters for " . $obj->objectname . "

"; - $res = pg_exec($this->database, "SELECT paramid, class, name, description FROM parameter " - ."WHERE objectid= CAST('" . $_GET['oid'] . "' AS BIGINT) order by class, name"); + echo "Action = " . $_POST['action'] . "
"; + // See if we have an update for the database + if (isset($_POST['action']) && $_POST['action'] == 'Create Parameter') + { + $name = $_POST['paramname']; + $class = $_POST['paramclass']; + $description = $_POST['paramdescr']; + + echo "

Creating parameter $name of class $class.

"; + + echo "
"; + echo ""; + echo ""; + echo "Description : "; + echo "
"; + echo ""; + echo ""; + + $class_res = pg_exec($this->database, "SELECT * FROM parameter_class WHERE name='$class'"); + for ($row = 0; $row < pg_numrows($class_res); $row++) + { + $prop = pg_fetch_object($class_res, $row); + echo ""; + echo ""; + echo ""; + echo ""; + } + echo "
PropertyDescriptionValue
", $prop->property_name, "", $prop->description, "
"; + echo ""; + echo "
"; + } + + if (isset($_POST['action']) && $_POST['action'] == 'Save New Parameter') + { + $name = $_POST['paramname']; + $class = $_POST['paramclass']; + $description = $_POST['paramdescr']; + + echo "

Saving new parameter $name of class $class.

"; + + echo "Description : $description"; + echo "
"; + + $insertion = "insert into parameter (objectid, name, class, description) values "; + $insertion .= "('$ObjId', '$name', '$class', '$description')"; + pg_exec($this->database, $insertion); + $par = pg_fetch_object(pg_exec($this->database, "select currval('paramid_seq')"), 0); + + echo ""; + echo ""; + + $class_res = pg_exec($this->database, "SELECT * FROM parameter_class WHERE name='$class'"); + for ($row = 0; $row < pg_numrows($class_res); $row++) + { + $prop = pg_fetch_object($class_res, $row); + $insertion = "insert into property (paramid, name, value, type, min, max) values ('"; + $insertion .= $par->currval . "', '" . $prop->property_name . "', '"; + $insertion .= $_POST[$prop->property_name] . "', '" . $prop->property_type . "', '"; + $insertion .= $prop->min . "', '" . $prop->max . "')"; + + pg_exec($this->database, $insertion); + + $insertion = "insert into history (paramid, modified, change_nature, changed_property, new_value)"; + $insertion .= " values ('" . $par->currval . "', '"; + $insertion .= date('Y-m-d H:i:s') . "', 'CREATED', '"; + $insertion .= $prop->property_name . "', '" . $_POST[$prop->property_name] . "')"; + + pg_exec($this->database, $insertion); + + echo ""; + echo ""; + echo ""; + echo ""; + } + echo "
PropertyDescriptionValue
", $prop->property_name, "", $prop->description, "" . $_POST[$prop->property_name] . "
"; + } + ?>
- '> + Compare to object: Show removed parameters @@ -110,6 +192,8 @@ class param_page extends page echo ""; $row = 0; $start_time = getmicrotime(); + $res = pg_exec($this->database, "SELECT paramid, class, name, description FROM parameter " + ."WHERE objectid= CAST('" . $ObjId . "' AS BIGINT) order by class, name"); while ($row < pg_numrows($res)) { $par = pg_fetch_object($res, $row); @@ -123,7 +207,7 @@ class param_page extends page
class?> - name?> + paramid . ">" . $par->name . ""?> description?> @@ -146,6 +230,94 @@ class param_page extends page echo "$row parameters in " . round($duration, 3) . " seconds ("; echo round($duration / $row * 1000, 3) . " milliseconds per parameter).
"; + ?> +

Create new parameter:

+

+ + Class : + Name : + Description : +
+ + +

+ database, "SELECT * FROM parameter WHERE paramid='$paramid'"), 0); + + if (isset($_POST['action']) && $_POST['action'] == 'Update Parameter') + { + // Update each property if its value has changed + + $class_res = pg_exec($this->database, "SELECT * FROM parameter_class WHERE name='" . $par->class . "'"); + for ($row = 0; $row < pg_numrows($class_res); $row++) + { + $prop = pg_fetch_object($class_res, $row); + $pname = $prop->property_name; + $property = pg_fetch_object(pg_exec($this->database, + "SELECT value FROM property WHERE paramid='$paramid' AND name='$pname'"), 0); + $pvalue = $property->value; + if ($pvalue != $_POST[$pname]) + { + $pvalue = $_POST[$pname]; + + pg_exec($this->database, "UPDATE property SET value='$pvalue' WHERE paramid='$paramid' AND name='$pname'"); + + $insertion = "insert into history (paramid, modified, change_nature, changed_property, new_value)"; + $insertion .= " values ('" . $paramid . "', '"; + $insertion .= date('Y-m-d H:i:s') . "', 'MODIFIED', '"; + $insertion .= $pname . "', '" . $pvalue . "')"; + + pg_exec($this->database, $insertion); + } + } + } + + echo "

Parameter " . $par->name . " of class " . $par->class . "

\n"; + + echo "
\n"; + echo "Description : \n"; + echo "
"; + echo "\n"; + echo "\n"; + + $class_res = pg_exec($this->database, "SELECT * FROM parameter_class WHERE name='" . $par->class . "'"); + for ($row = 0; $row < pg_numrows($class_res); $row++) + { + $prop = pg_fetch_object($class_res, $row); + $pname = $prop->property_name; + $property = pg_fetch_object(pg_exec($this->database, + "SELECT value FROM property WHERE paramid='$paramid' AND name='$pname'"), 0); + $pvalue = $property->value; + echo ""; + echo ""; + echo ""; + echo "\n"; + } + echo "
PropertyDescriptionValue
", $pname, "", $prop->description, "
\n"; + echo "\n"; + echo "
\n"; + + echo "

Change history for " . $par->class . " parameter " . $par->name . "

"; + + $histres = pg_exec($this->database, "SELECT * FROM history WHERE paramid='$paramid' ORDER BY modified"); + echo ""; + for ($row = 0; $row < pg_numrows($histres); $row++) + { + $hist = pg_fetch_object($histres, $row); + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo "\n"; + } + echo "
" . $hist->changed_property . "" . $hist->modified . "" . $hist->change_nature . "" . $hist->new_value . "
"; } } } -- 2.11.0