20230702 Closes #217 Closes #218 Closes #222 Closes #223

         Closes #224 Closes #225 Closes #226
         Code Cleanup.

     File(s): base_ag_main.php
            : base_local_rules.php
            : includes/base_krnl.php
            : includes/base_net.inc.php
            : includes/base_state_citems.inc.php
            : includes/base_state_query.inc.php
              Code Cleanup.
     File(s): base_common.php
              Code Cleanup.
    Issue(s): #222
 Function(s): Removed: BuildIPFormVars(), BuildSrcIPFormVars(), &
              BuildDstIPFormVars().
 Function(s): BuildIPFormVar( ip, addr_type, criteria_instance )
              Returns HTTP Query String fragment containing IP
              Address search criteria; or empty string on invalid
              IP.
              Note: Curently the NULL_IP constant is also treated
              as valid foe backward compatibility reasons. This
              "feature" will be removed in the future, when code
              depending on NULL_IP being in the HTTP Query String
              is removed.
     File(s): base_db_common.php
            : includes/base_db.inc.php
              Code Cleanup.
    Issue(s): #226
     File(s): base_maintenance.php
            : composer.json
            : includes/base_auth.inc.php
            : includes/base_capabilities.php
              Code Cleanup.
    Issue(s): #225
     File(s): base_stat_ipaddr.php
    Issue(s): #217
              Code Cleanup.
     File(s): base_stat_uaddr.php
    Issue(s): #223
              Code Cleanup.
     File(s): includes/base_log_error.inc.php
    Issue(s): #226
 Function(s): returnBuildError( Desc, Opt, dll )
              Added dll paramater to provide more
              meaningful error reports for Windows
              installations.
     File(s): includes/base_rtl.php
              Code Cleanup.
              Bumped RTL Version to 0.0.12
    Issue(s): #224 #225
 Function(s): BCMi()
              Returns true if BCMath is installed, false otherwise.
            : GMPi()
              Returns true if GMP is installed, false otherwise.
            : IPv6i()
              Returns true if RTL can handle IPv6 on this installation.
              Sets New Constant BASE_RTL_IPv6 accordingly.
     File(s): includes/base_state_criteria.inc.php
    Issue(s): #218
Unit Test(s): Covers BuildIPFormVar(), the following in the
              CriteriaState Class, ReadState().

Author: NathanGibbs3

base_ag_main.php

@@ -102,7 +102,7 @@
 $qs->AddValidAction("email_alert");
 $qs->AddValidAction("email_alert2");
 $qs->AddValidAction("clear_alert");
-  
+
 $qs->AddValidActionOp(_SELECTED);
 $qs->AddValidActionOp(_ALLONSCREEN);
 $qs->AddValidActionOp(_ENTIREQUERY);

base_common.php

@@ -113,28 +113,45 @@ function PrintProtocolProfileGraphs( $db ){
 	PrintFramedBoxFooter(0,2);
 }
 
-function BuildIPFormVars( $ipaddr ){
-	return '' .
-    '&ip_addr%5B0%5D%5B0%5D=+&ip_addr%5B0%5D%5B1%5D=ip_src&ip_addr%5B0%5D%5B2%5D=%3D'.
-    '&ip_addr%5B0%5D%5B3%5D='.$ipaddr.
-    '&ip_addr%5B0%5D%5B8%5D=+&ip_addr%5B0%5D%5B9%5D=OR'.
-    '&ip_addr%5B1%5D%5B0%5D=+&ip_addr%5B1%5D%5B1%5D=ip_dst&ip_addr%5B1%5D%5B2%5D=%3D'.
-    '&ip_addr%5B1%5D%5B3%5D='.$ipaddr.
-    '&ip_addr%5B1%5D%5B8%5D=+&ip_addr%5B1%5D%5B9%5D=+';
-}
-
-function BuildSrcIPFormVars( $ipaddr ){
-	return '' .
-    '&ip_addr%5B0%5D%5B0%5D=+&ip_addr%5B0%5D%5B1%5D=ip_src&ip_addr%5B0%5D%5B2%5D=%3D'.
-    '&ip_addr%5B0%5D%5B3%5D='.$ipaddr.
-    '&ip_addr%5B0%5D%5B8%5D=+&ip_addr%5B0%5D%5B9%5D=+';
-}
-
-function BuildDstIPFormVars( $ipaddr ){
-	return '' .
-    '&ip_addr%5B0%5D%5B0%5D=+&ip_addr%5B0%5D%5B1%5D=ip_dst&ip_addr%5B0%5D%5B2%5D=%3D'.
-    '&ip_addr%5B0%5D%5B3%5D='.$ipaddr.
-    '&ip_addr%5B0%5D%5B8%5D=+&ip_addr%5B0%5D%5B9%5D=+';
+function BuildIPFormVar( $ip = '', $type = 2, $idx = 0 ){
+	// Returns HTTP Query String fragment containing IP Address search
+	// criteria; or empty string on invalid IP.
+	//
+	// Note: Curently the NULL_IP constant is also returned as valid foe
+	// backward compatibility reasons. This "feature" will be removed in the
+	// future, once we untagle the code that depends on NULL_IP being present
+	// in the passed param.
+	$Ret = ''; // Default Return
+	if( is_ip($ip) || $ip == NULL_IP ){ // NULL_IP = Backwards Compat Hack.
+		$type = intval($type); // Type Lock this.
+		$idx = intval($idx); // Type Lock this.
+		if( $type < 1 || $type > 3 ){ // Input Validation.
+			$type = 2;
+		}
+		if( $idx < 0 || $idx > 1 ){ // Input Validation.
+			$idx = 0;
+		}
+		// Lock to PHP 8.1+ settings.
+		$Flag = ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401;
+		$FPFX = htmlentities('&' . urlencode("ip_addr[$idx]["), $Flag);
+		$FSFX = urlencode(']') . '=';
+		$Pfx = $FPFX . "0$FSFX" . urlencode(' ') . $FPFX . "1$FSFX";
+		$Mfx = $FPFX . "2$FSFX" . urlencode('=') . $FPFX . "3$FSFX";
+		$Sfx = $FPFX . "8$FSFX" . urlencode(' ') . $FPFX . "9$FSFX";
+		if( $type == 1 ){ // Src
+			$tmp = 'ip_src';
+		}elseif( $type == 2 ){ // Dst
+			$tmp = 'ip_dst';
+		}else{ // Both
+			$tmp = BuildIPFormVar($ip, 1);
+			$Ret = substr($tmp, 0, -1) . 'OR' . BuildIPFormVar($ip, 2, 1);
+			$tmp = '';
+		}
+		if( LoadedString($tmp)){
+			$Ret = "$Pfx$tmp$Mfx" . urlencode($ip) . $Sfx . urlencode(' ');
+		}
+	}
+	return $Ret;
 }
 
 function BuildUniqueAddressLink( $addr_type, $raw = '' ){
@@ -150,10 +167,9 @@ function BuildAddressLink( $ipaddr, $netmask ){
 	. '&amp;netmask=' . $netmask . '">';
 }
 
-// Add blank row to given criteria element.
 function AddCriteriaFormRow(
 	&$submit, $submit_value, &$cnt, &$criteria_array, $max
-){
+){ // Add blank row to given criteria element.
 	$submit = $submit_value;
 	++$cnt;
 	InitArray($criteria_array[$cnt-1], $max, 0, '');
@@ -1059,9 +1075,7 @@ function ChkLib ( $path = '', $LibLoc = '', $LibFile = '' ){
 			}else{
 				$Msg .= 'not ';
 			}
-			if( $tmp == 0 ){
-				$Msg .= 'file';
-			}elseif( $tmp == -1 ){
+			if( $tmp == -1 ){
 				$Msg .= 'found';
 			}elseif( $tmp == -2 ){
 				$Msg .= 'readable';

base_db_common.php

@@ -69,32 +69,45 @@ function verify_php_build( $DBtype ){
 		// On PHP 5.5+, use mysqli ADODB driver & gracefully deprecate the
 		// mysql, mysqlt & maxsql drivers.
 		if( $PHPVer[0] > 5 || ( $PHPVer[0] == 5 && $PHPVer[1] > 4) ){
-			if( !(function_exists('mysqli_connect')) ){
+			if( !extension_loaded('mysqli') ){
 				$Ret = returnBuildError('MySQLi', '--with-mysqli');
-				$Ret .= NLI('Unable to read ALERT DB.<br/>'); // TD This.
 			}
 		}else{
 			if( !(function_exists("mysql_connect")) ){
 				return _ERRPHPMYSQLSUP;
 			}
 		}
-	}elseif( $DBtype == "postgres" ){
+	}elseif( $DBtype == 'postgres' ){
 		if( !(function_exists("pg_connect")) ){
 			return _ERRPHPPOSTGRESSUP;
 		}
-	}elseif( $DBtype == "mssql" ){
-		if( !(function_exists("mssql_connect")) ){
-			return _ERRPHPMSSQLSUP;
+	// @codeCoverageIgnoreStart
+	}elseif( $DBtype == 'mssql' ){
+		// On PHP 5.3+, use mssqlnative ADODB driver & gracefully deprecate
+		// the mssql driver.
+		if( $PHPVer[0] > 5 || ( $PHPVer[0] == 5 && $PHPVer[1] > 2) ){
+			if( !extension_loaded('sqlsrv') ){
+				$Ret = returnBuildError(
+					'MS SQL Server', '--enable-sqlsrv', 'php_sqlsrv.dll'
+				);
+			}
+		}else{
+			if( !(function_exists("mssql_connect")) ){
+				return _ERRPHPMSSQLSUP;
+			}
 		}
 	}elseif( $DBtype == "oci8" ){
 		if( !(function_exists("ocilogon")) ){
 			return _ERRPHPORACLESUP;
 		}
-	// Additional DB Support would tie in here.
-	}else{
+	// @codeCoverageIgnoreEnd
+	}else{ // Additional DB Support would tie in here.
 		return '<b>' . _ERRSQLDBTYPE . '</b>: ' . _ERRSQLDBTYPEINFO1
 		. "'$DBtype'." . _ERRSQLDBTYPEINFO2;
 	}
+	if( LoadedString($Ret) ){
+		$Ret .= NLI('Unable to read ALERT DB.<br/>'); // TD This.
+	}
 	return $Ret;
 }
 

base_local_rules.php

@@ -156,7 +156,7 @@ function search_dir($dir, $sid){
 ############# main() ##############
 AuthorizedRole(10000);
 PrintBASESubHeader('Local Rule Lookup');
-$tmp = ChkAccess($dir, 'd') > 0
+$tmp = ChkAccess($dir, 'd');
 if ( $tmp > 1 ){
 	echo "<H1>sid: $OSid</H1>\n";
 	if( $debug_mode > 0 ){

base_maintenance.php

@@ -153,7 +153,7 @@
 	);
 }
 if( $AdminAuth ){ // Issue #146 Fix
-	$PF_lst = array('Mail', 'GD', 'GMP');
+	$PF_lst = array('Mail', 'GD', 'GMP', 'BCMath');
 	foreach( $PF_lst as $val ){
 		$PF_St[$val] = $BCR->GetCap("PHP_$val");
 	}

base_stat_ipaddr.php

@@ -229,9 +229,8 @@ function PrintPortscanEvents($db, $ip)
         </TABLE>';
 }
 
-function PrintEventsByIP($db, $ip)
-{
-  GLOBAL $debug_mode;
+function PrintEventsByIP( $db, $ip ){
+	GLOBAL $debug_mode;
 
   if (!isset($ip))
   {
@@ -287,16 +286,16 @@ function PrintEventsByIP($db, $ip)
    {
      SQLTraceLog(__FILE__ . ":" . __LINE__ . ":" . __FUNCTION__ . ": After BuildSigByID()");
    }
-   $tmp_iplookup = 'base_qry_main.php?new=1'.
-                   '&amp;sig%5B0%5D=%3D&amp;sig%5B1%5D='.(rawurlencode(GetSignatureName($unique_events[$i], $db))).
-                   '&amp;num_result_rows=-1'.
-                   '&amp;submit='._QUERYDBP.'&amp;current_view=-1&amp;ip_addr_cnt=2'.
-                   BuildIPFormVars($ip);
-
-   $tmp_sensor_lookup = 'base_stat_sensor.php?'.
-                        'sig%5B0%5D=%3D&amp;sig%5B1%5D='.
-                        (rawurlencode($unique_events[$i])).
-                        '&amp;ip_addr_cnt=2'.BuildIPFormVars($ip);
+		$tmp_iplookup = 'base_qry_main.php?new=1'
+		. '&amp;sig%5B0%5D=%3D&amp;sig%5B1%5D='
+		. rawurlencode(GetSignatureName($unique_events[$i], $db))
+		. '&amp;num_result_rows=-1&amp;submit='
+		. _QUERYDBP . '&amp;current_view=-1&amp;ip_addr_cnt=2'
+		. BuildIPFormVar($ip, 3);
+		$tmp_sensor_lookup = 'base_stat_sensor.php?'
+		. 'sig%5B0%5D=%3D&amp;sig%5B1%5D='
+		. rawurlencode($unique_events[$i])
+		. '&amp;ip_addr_cnt=2' . BuildIPFormVar($ip, 3);
 
    echo "  <TD align='center'> <A HREF=\"$tmp_iplookup\">$total</A> ";
    echo "  <TD align='center'> <A HREF=\"$tmp_sensor_lookup\">$num_sensors</A> ";
@@ -305,33 +304,29 @@ function PrintEventsByIP($db, $ip)
    echo '</TR>';
  }
 
- echo "</TABLE>\n";
+	PrintFramedBoxFooter(0,2);
 }
 
+$Sep = ' | '; // Separator.
   if ( sizeof($sig) != 0 && strstr($sig[1], "spp_portscan") )
      $sig[1] = "";
 
-  /*  Build new link for criteria-based sensor page 
-   *                    -- ALS <[email protected]>
-   */
-   $tmp_sensor_lookup = 'base_stat_sensor.php?ip_addr_cnt=2'.
-                        BuildIPFormVars($ip);
+//  Build new link for criteria-based sensor page - ALS <[email protected]>
+$tmp_sensor_lookup = 'base_stat_sensor.php?ip_addr_cnt=2'
+. BuildIPFormVar($ip, 3);
 
+$tmp_srcdst_iplookup = 'base_qry_main.php?new=2&amp;num_result_rows=-1'
+. '&amp;submit=' . _QUERYDBP . '&amp;current_view=-1&amp;ip_addr_cnt=2'
+. BuildIPFormVar($ip, 3);
 
-   $tmp_srcdst_iplookup = 'base_qry_main.php?new=2'.
-                          '&amp;num_result_rows=-1'.
-                          '&amp;submit='._QUERYDBP.'&amp;current_view=-1&amp;ip_addr_cnt=2'.
-                          BuildIPFormVars($ip);
+$tmp_src_iplookup = 'base_qry_main.php?new=2&amp;num_result_rows=-1'
+. '&amp;submit=' . _QUERYDBP . '&amp;current_view=-1&amp;ip_addr_cnt=1'
+. BuildIPFormVar($ip, 1);
 
-   $tmp_src_iplookup    = 'base_qry_main.php?new=2'.
-                          '&amp;num_result_rows=-1'.
-                          '&amp;submit='._QUERYDBP.'&amp;current_view=-1&amp;ip_addr_cnt=1'.
-                          BuildSrcIPFormVars($ip);
+$tmp_dst_iplookup = 'base_qry_main.php?new=2&amp;num_result_rows=-1'
+. '&amp;submit=' . _QUERYDBP . '&amp;current_view=-1&amp;ip_addr_cnt=1'
+. BuildIPFormVar($ip, 2);
 
-   $tmp_dst_iplookup    = 'base_qry_main.php?new=2'.
-                          '&amp;num_result_rows=-1'.
-                          '&amp;submit='._QUERYDBP.'&amp;current_view=-1&amp;ip_addr_cnt=1'.
-                          BuildDstIPFormVars($ip);
   echo '<CENTER>';
   printf ("<FONT>"._PSALLALERTSAS.":</FONT>",$ip,$netmask); 
   echo '
@@ -351,25 +346,39 @@ function PrintEventsByIP($db, $ip)
        <A HREF="http://www.db.ripe.net/whois?query='.$ip.'" target="_NEW">RIPE</A> |
        <A HREF="http://wq.apnic.net/apnic-bin/whois.pl?do_search=Search&amp;searchtext='.$ip.'" target="_NEW">APNIC</A> |
        <A HREF="http://lacnic.net/cgi-bin/lacnic/whois?lg=EN&amp;query='.$ip.'" target="_NEW">LACNIC</A><BR></FONT>';
-	// Have no idea why this code is here.
-	// Commenting it out as it was ccontributing to Issue #5
-	// $octet=preg_split("/\./", $ip);
-	// $classc=sprintf("%03s.%03s.%03s",$octet[0],$octet[1],$octet[2]);
-	print '<FONT>'._PSEXTERNAL.': ';
-	if (isset($external_dns_link)){
-		print '<A HREF="'.$external_dns_link.$ip.'" target="_NEW">DNS</A>';
-	}
-	if (isset($external_whois_link)){
-		print ' | <A HREF="'.$external_whois_link.$ip.'" target="_NEW">whois</A>';
-	}
-	if (isset($external_all_link)){
-		print ' | <A HREF="'.$external_all_link.$ip.'" target="_NEW">Extended whois</A>';
-	}
-	print ' | <A HREF="http://www.dshield.org/ipinfo.php?ip='.$ip.'&amp;Submit=Submit" target="_NEW">DShield.org IP Info</A> | '.
-      '<A HREF="http://www.trustedsource.org/query.php?q='.$ip.'" target="_NEW">TrustedSource.org IP Info</A> | '.
-      '<A HREF="http://isc.sans.org/ipinfo.html?ip='.$ip.'" target="_NEW">ISC Source/Subnet Report</A><BR> </FONT>';
+// Have no idea why this code is here.
+// Commenting it out as it was ccontributing to Issue #5
+// $octet=preg_split("/\./", $ip);
+// $classc=sprintf("%03s.%03s.%03s",$octet[0],$octet[1],$octet[2]);
+print _PSEXTERNAL . ': ';
+if( isset($external_dns_link) ){
+	NLIO(
+		"<a href='" . $external_dns_link . $ip
+		. "' target='_NEW'>DNS</a>$Sep", 2
+	);
+}
+if( isset($external_whois_link) ){
+	NLIO(
+		"<a href='" . $external_whois_link . $ip
+		. "' target='_NEW'>whois</a>$Sep", 2
+	);
+}
+if( isset($external_all_link) ){
+	NLIO(
+		"<a href='" . $external_all_link . $ip
+		. "' target='_NEW'>Extended whois</a>$Sep", 2
+	);
+}
+NLIO(
+	"<a href='" . 'https://www.dshield.org/ipinfo.html?ip=' . $ip
+	. "' target='_NEW'>DShield.org IP Info</a>$Sep", 2
+);
+NLIO(
+	"<a href='" . 'https://isc.sans.edu/ipinfo.html?ip=' . $ip
+	. "' target='_NEW'>ISC Source/Subnet Report</a>", 2
+);
+NLIO('<br/>');
 
-  
   echo '</CENTER>';
   echo '<HR>';
 
@@ -472,6 +481,6 @@ function PrintEventsByIP($db, $ip)
      PrintPortscanEvents($db, $ip);
      echo ' </CENTER>';	
   }
-NLIO('</form>',2);
+NLIO('</form>', 2);
 PrintBASESubFooter();
 ?>