diff --git a/base_ag_main.php b/base_ag_main.php
index 0667fc2..c6a0096 100644
--- a/base_ag_main.php
+++ b/base_ag_main.php
@@ -102,7 +102,7 @@
 $qs->AddValidAction("email_alert");
 $qs->AddValidAction("email_alert2");
 $qs->AddValidAction("clear_alert");
-
+
 $qs->AddValidActionOp(_SELECTED);
 $qs->AddValidActionOp(_ALLONSCREEN);
 $qs->AddValidActionOp(_ENTIREQUERY);
diff --git a/base_common.php b/base_common.php
index 61799fe..6af811d 100644
--- a/base_common.php
+++ b/base_common.php
@@ -113,28 +113,45 @@ function PrintProtocolProfileGraphs( $db ){ PrintFramedBoxFooter(0,2); } -function BuildIPFormVars( $ipaddr ){ - return '' . - '&ip_addr%5B0%5D%5B0%5D=+&ip_addr%5B0%5D%5B1%5D=ip_src&ip_addr%5B0%5D%5B2%5D=%3D'. - '&ip_addr%5B0%5D%5B3%5D='.$ipaddr. - '&ip_addr%5B0%5D%5B8%5D=+&ip_addr%5B0%5D%5B9%5D=OR'. - '&ip_addr%5B1%5D%5B0%5D=+&ip_addr%5B1%5D%5B1%5D=ip_dst&ip_addr%5B1%5D%5B2%5D=%3D'. - '&ip_addr%5B1%5D%5B3%5D='.$ipaddr. - '&ip_addr%5B1%5D%5B8%5D=+&ip_addr%5B1%5D%5B9%5D=+'; -} - -function BuildSrcIPFormVars( $ipaddr ){ - return '' . - '&ip_addr%5B0%5D%5B0%5D=+&ip_addr%5B0%5D%5B1%5D=ip_src&ip_addr%5B0%5D%5B2%5D=%3D'. - '&ip_addr%5B0%5D%5B3%5D='.$ipaddr. - '&ip_addr%5B0%5D%5B8%5D=+&ip_addr%5B0%5D%5B9%5D=+'; -} - -function BuildDstIPFormVars( $ipaddr ){ - return '' . - '&ip_addr%5B0%5D%5B0%5D=+&ip_addr%5B0%5D%5B1%5D=ip_dst&ip_addr%5B0%5D%5B2%5D=%3D'. - '&ip_addr%5B0%5D%5B3%5D='.$ipaddr. - '&ip_addr%5B0%5D%5B8%5D=+&ip_addr%5B0%5D%5B9%5D=+'; +function BuildIPFormVar( $ip = '', $type = 2, $idx = 0 ){ + // Returns HTTP Query String fragment containing IP Address search + // criteria; or empty string on invalid IP. + // + // Note: Curently the NULL_IP constant is also returned as valid foe + // backward compatibility reasons. This "feature" will be removed in the + // future, once we untagle the code that depends on NULL_IP being present + // in the passed param. + $Ret = ''; // Default Return + if( is_ip($ip) || $ip == NULL_IP ){ // NULL_IP = Backwards Compat Hack. + $type = intval($type); // Type Lock this. + $idx = intval($idx); // Type Lock this. + if( $type < 1 || $type > 3 ){ // Input Validation. + $type = 2; + } + if( $idx < 0 || $idx > 1 ){ // Input Validation. + $idx = 0; + } + // Lock to PHP 8.1+ settings. + $Flag = ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401; + $FPFX = htmlentities('&' . urlencode("ip_addr[$idx]["), $Flag); + $FSFX = urlencode(']') . '='; + $Pfx = $FPFX . "0$FSFX" . urlencode(' ') . $FPFX . "1$FSFX"; + $Mfx = $FPFX . 
"2$FSFX" . urlencode('=') . $FPFX . "3$FSFX"; + $Sfx = $FPFX . "8$FSFX" . urlencode(' ') . $FPFX . "9$FSFX"; + if( $type == 1 ){ // Src + $tmp = 'ip_src'; + }elseif( $type == 2 ){ // Dst + $tmp = 'ip_dst'; + }else{ // Both + $tmp = BuildIPFormVar($ip, 1); + $Ret = substr($tmp, 0, -1) . 'OR' . BuildIPFormVar($ip, 2, 1); + $tmp = ''; + } + if( LoadedString($tmp)){ + $Ret = "$Pfx$tmp$Mfx" . urlencode($ip) . $Sfx . urlencode(' '); + } + } + return $Ret; } function BuildUniqueAddressLink( $addr_type, $raw = '' ){ @@ -150,10 +167,9 @@ function BuildAddressLink( $ipaddr, $netmask ){ . '&netmask=' . $netmask . '">'; } -// Add blank row to given criteria element. function AddCriteriaFormRow( &$submit, $submit_value, &$cnt, &$criteria_array, $max -){ +){ // Add blank row to given criteria element. $submit = $submit_value; ++$cnt; InitArray($criteria_array[$cnt-1], $max, 0, ''); @@ -1059,9 +1075,7 @@ function ChkLib ( $path = '', $LibLoc = '', $LibFile = '' ){ }else{ $Msg .= 'not '; } - if( $tmp == 0 ){ - $Msg .= 'file'; - }elseif( $tmp == -1 ){ + if( $tmp == -1 ){ $Msg .= 'found'; }elseif( $tmp == -2 ){ $Msg .= 'readable'; diff --git a/base_db_common.php b/base_db_common.php index 737f733..0756e29 100644 --- a/base_db_common.php +++ b/base_db_common.php @@ -69,32 +69,45 @@ function verify_php_build( $DBtype ){ // On PHP 5.5+, use mysqli ADODB driver & gracefully deprecate the // mysql, mysqlt & maxsql drivers. if( $PHPVer[0] > 5 || ( $PHPVer[0] == 5 && $PHPVer[1] > 4) ){ - if( !(function_exists('mysqli_connect')) ){ + if( !extension_loaded('mysqli') ){ $Ret = returnBuildError('MySQLi', '--with-mysqli'); - $Ret .= NLI('Unable to read ALERT DB.
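Review bot: `BuildIPFormVar()` validates one value and emits another: `is_ip()` now trims its own copy before matching (see the `is_ip` hunk in includes/base_rtl.php), but `urlencode($ip)` here encodes the untrimmed argument, so padded input passes the check and is written into the link as given. Adding `$ip = trim($ip);` as the first statement inside the `if` keeps the emitted value identical to the validated one. The backward-compat test `$ip == NULL_IP` is a loose comparison; NULL_IP's value is not visible in this diff, but `$ip === NULL_IP` would rule out type juggling on the older PHP versions composer.json still allows. The header comment also has typos worth fixing while here ("Curently", "foe", "untagle").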
'); // TD This. } }else{ if( !(function_exists("mysql_connect")) ){ return _ERRPHPMYSQLSUP; } } - }elseif( $DBtype == "postgres" ){ + }elseif( $DBtype == 'postgres' ){ if( !(function_exists("pg_connect")) ){ return _ERRPHPPOSTGRESSUP; } - }elseif( $DBtype == "mssql" ){ - if( !(function_exists("mssql_connect")) ){ - return _ERRPHPMSSQLSUP; + // @codeCoverageIgnoreStart + }elseif( $DBtype == 'mssql' ){ + // On PHP 5.3+, use mssqlnative ADODB driver & gracefully deprecate + // the mssql driver. + if( $PHPVer[0] > 5 || ( $PHPVer[0] == 5 && $PHPVer[1] > 2) ){ + if( !extension_loaded('sqlsrv') ){ + $Ret = returnBuildError( + 'MS SQL Server', '--enable-sqlsrv', 'php_sqlsrv.dll' + ); + } + }else{ + if( !(function_exists("mssql_connect")) ){ + return _ERRPHPMSSQLSUP; + } } }elseif( $DBtype == "oci8" ){ if( !(function_exists("ocilogon")) ){ return _ERRPHPORACLESUP; } - // Additional DB Support would tie in here. - }else{ + // @codeCoverageIgnoreEnd + }else{ // Additional DB Support would tie in here. return '' . _ERRSQLDBTYPE . ': ' . _ERRSQLDBTYPEINFO1 . "'$DBtype'." . _ERRSQLDBTYPEINFO2; } + if( LoadedString($Ret) ){ + $Ret .= NLI('Unable to read ALERT DB.
'); // TD This. + } return $Ret; } diff --git a/base_local_rules.php b/base_local_rules.php index 8dd78e5..7bdb911 100644 --- a/base_local_rules.php +++ b/base_local_rules.php @@ -156,7 +156,7 @@ function search_dir($dir, $sid){ ############# main() ############## AuthorizedRole(10000); PrintBASESubHeader('Local Rule Lookup'); -$tmp = ChkAccess($dir, 'd') > 0 +$tmp = ChkAccess($dir, 'd'); if ( $tmp > 1 ){ echo "

sid: $OSid

\n"; if( $debug_mode > 0 ){ diff --git a/base_maintenance.php b/base_maintenance.php index aa8d360..3756b01 100644 --- a/base_maintenance.php +++ b/base_maintenance.php @@ -153,7 +153,7 @@ ); } if( $AdminAuth ){ // Issue #146 Fix - $PF_lst = array('Mail', 'GD', 'GMP'); + $PF_lst = array('Mail', 'GD', 'GMP', 'BCMath'); foreach( $PF_lst as $val ){ $PF_St[$val] = $BCR->GetCap("PHP_$val"); } diff --git a/base_stat_ipaddr.php b/base_stat_ipaddr.php index a9578ad..269b233 100644 --- a/base_stat_ipaddr.php +++ b/base_stat_ipaddr.php @@ -229,9 +229,8 @@ function PrintPortscanEvents($db, $ip) '; } -function PrintEventsByIP($db, $ip) -{ - GLOBAL $debug_mode; +function PrintEventsByIP( $db, $ip ){ + GLOBAL $debug_mode; if (!isset($ip)) { @@ -287,16 +286,16 @@ function PrintEventsByIP($db, $ip) { SQLTraceLog(__FILE__ . ":" . __LINE__ . ":" . __FUNCTION__ . ": After BuildSigByID()"); } - $tmp_iplookup = 'base_qry_main.php?new=1'. - '&sig%5B0%5D=%3D&sig%5B1%5D='.(rawurlencode(GetSignatureName($unique_events[$i], $db))). - '&num_result_rows=-1'. - '&submit='._QUERYDBP.'&current_view=-1&ip_addr_cnt=2'. - BuildIPFormVars($ip); - - $tmp_sensor_lookup = 'base_stat_sensor.php?'. - 'sig%5B0%5D=%3D&sig%5B1%5D='. - (rawurlencode($unique_events[$i])). - '&ip_addr_cnt=2'.BuildIPFormVars($ip); + $tmp_iplookup = 'base_qry_main.php?new=1' + . '&sig%5B0%5D=%3D&sig%5B1%5D=' + . rawurlencode(GetSignatureName($unique_events[$i], $db)) + . '&num_result_rows=-1&submit=' + . _QUERYDBP . '&current_view=-1&ip_addr_cnt=2' + . BuildIPFormVar($ip, 3); + $tmp_sensor_lookup = 'base_stat_sensor.php?' + . 'sig%5B0%5D=%3D&sig%5B1%5D=' + . rawurlencode($unique_events[$i]) + . '&ip_addr_cnt=2' . BuildIPFormVar($ip, 3); echo " $total "; echo " $num_sensors "; 
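Review bot: The repaired assignment now stores ChkAccess()'s raw return code, yet the guard on the next line is still `if ( $tmp > 1 )`, whereas the removed expression compared against 0. ChkAccess()'s success value is not visible in this diff (only `$Ret = -1; // Type Error / Not Found` is), so please confirm the threshold; if success is reported as 1, this branch can never run and `if ( $tmp > 0 )` was probably intended. The `if` body continues outside the hunk.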
@@ -305,33 +304,29 @@ function PrintEventsByIP($db, $ip) echo ''; } - echo "\n"; + PrintFramedBoxFooter(0,2); } +$Sep = ' | '; // Separator. if ( sizeof($sig) != 0 && strstr($sig[1], "spp_portscan") ) $sig[1] = ""; - /* Build new link for criteria-based sensor page - * -- ALS - */ - $tmp_sensor_lookup = 'base_stat_sensor.php?ip_addr_cnt=2'. - BuildIPFormVars($ip); +// Build new link for criteria-based sensor page - ALS +$tmp_sensor_lookup = 'base_stat_sensor.php?ip_addr_cnt=2' +. BuildIPFormVar($ip, 3); +$tmp_srcdst_iplookup = 'base_qry_main.php?new=2&num_result_rows=-1' +. '&submit=' . _QUERYDBP . '&current_view=-1&ip_addr_cnt=2' +. BuildIPFormVar($ip, 3); - $tmp_srcdst_iplookup = 'base_qry_main.php?new=2'. - '&num_result_rows=-1'. - '&submit='._QUERYDBP.'&current_view=-1&ip_addr_cnt=2'. - BuildIPFormVars($ip); +$tmp_src_iplookup = 'base_qry_main.php?new=2&num_result_rows=-1' +. '&submit=' . _QUERYDBP . '&current_view=-1&ip_addr_cnt=1' +. BuildIPFormVar($ip, 1); - $tmp_src_iplookup = 'base_qry_main.php?new=2'. - '&num_result_rows=-1'. - '&submit='._QUERYDBP.'&current_view=-1&ip_addr_cnt=1'. - BuildSrcIPFormVars($ip); +$tmp_dst_iplookup = 'base_qry_main.php?new=2&num_result_rows=-1' +. '&submit=' . _QUERYDBP . '&current_view=-1&ip_addr_cnt=1' +. BuildIPFormVar($ip, 2); - $tmp_dst_iplookup = 'base_qry_main.php?new=2'. - '&num_result_rows=-1'. - '&submit='._QUERYDBP.'&current_view=-1&ip_addr_cnt=1'. - BuildDstIPFormVars($ip); echo '
'; printf (""._PSALLALERTSAS.":",$ip,$netmask); echo ' @@ -351,25 +346,39 @@ function PrintEventsByIP($db, $ip) RIPE | APNIC | LACNIC
'; - // Have no idea why this code is here. - // Commenting it out as it was ccontributing to Issue #5 - // $octet=preg_split("/\./", $ip); - // $classc=sprintf("%03s.%03s.%03s",$octet[0],$octet[1],$octet[2]); - print ''._PSEXTERNAL.': '; - if (isset($external_dns_link)){ - print 'DNS'; - } - if (isset($external_whois_link)){ - print ' | whois'; - } - if (isset($external_all_link)){ - print ' | Extended whois'; - } - print ' | DShield.org IP Info | '. - 'TrustedSource.org IP Info | '. - 'ISC Source/Subnet Report
'; +// Have no idea why this code is here. +// Commenting it out as it was ccontributing to Issue #5 +// $octet=preg_split("/\./", $ip); +// $classc=sprintf("%03s.%03s.%03s",$octet[0],$octet[1],$octet[2]); +print _PSEXTERNAL . ': '; +if( isset($external_dns_link) ){ + NLIO( + "DNS$Sep", 2 + ); +} +if( isset($external_whois_link) ){ + NLIO( + "whois$Sep", 2 + ); +} +if( isset($external_all_link) ){ + NLIO( + "Extended whois$Sep", 2 + ); +} +NLIO( + "DShield.org IP Info$Sep", 2 +); +NLIO( + "ISC Source/Subnet Report", 2 +); +NLIO('
'); - echo '
'; echo '
'; @@ -472,6 +481,6 @@ function PrintEventsByIP($db, $ip) PrintPortscanEvents($db, $ip); echo ' '; } -NLIO('',2); +NLIO('', 2); PrintBASESubFooter(); ?> diff --git a/base_stat_uaddr.php b/base_stat_uaddr.php index fb79372..e9fa642 100644 --- a/base_stat_uaddr.php +++ b/base_stat_uaddr.php @@ -65,13 +65,13 @@ if ( $addr_type != DEST_IP ){ ErrorMessage(_SUAERRCRITADDUNK); } + $addr_type = DEST_IP; $page_title = _UNIDADD; $results_title = _SUADSTIP; $addr_type_name = "ip_dst"; } if ( $caller == 'most_frequent' && $sort_order = 'occur_d' ){ - // Issue(s) #123 Fix - $sort_order = $CPTotal.'_occur_d'; + $sort_order = $CPTotal . '_occur_d'; // Issue #123 Fix } $qs = new QueryState(); if ( $caller == 'most_frequent' ){ // Issue #123 Fix @@ -195,41 +195,44 @@ echo '
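Review bot: The condition directly above the reformatted line, `$caller == 'most_frequent' && $sort_order = 'occur_d'`, assigns rather than compares, so it is true for every `most_frequent` request and whatever sort order was supplied is discarded before being replaced with `$CPTotal . '_occur_d'`. If a comparison was meant it should read `$sort_order == 'occur_d'`; if the overwrite is intentional, drop the second operand so the intent is explicit. The statement sits in top-level script code, so the surrounding flow is only partly visible in this hunk.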
'; - $qro->PrintHeader(); - - $i = 0; - while ( ($myrow = $result->baseFetchRow()) && ($i < $qs->GetDisplayRowCnt()) ) - { - $currentIP = baseLong2IP($myrow[0]); - $num_events = $myrow[1]; - $num_sensors = $myrow[2]; - $num_sig = $myrow[3]; - $num_ip = $myrow[4]; - - if ( $myrow[0] == NULL ) $no_ip = true; else $no_ip = false; - - qroPrintEntryHeader($i); - // Generating checkbox value. -- nikns - // Fix for Issue #69 https://github.com/NathanGibbs3/BASE/issues/69 - if ( $addr_type == SOURCE_IP ){ - $src_ip = $myrow[0]; - $dst_ip = ''; +$qro->PrintHeader(); +$DRC = $qs->GetDisplayRowCnt(); // Display Row Count +for( $i = 0; $i < $DRC; $i++ ){ + $myrow = $result->baseFetchRow(); + if( !is_array($myrow) ){ // End of RS Cutout + break; + } + $currentIP = ''; + $src_ip = ''; + $dst_ip = ''; + if( $myrow[0] == NULL ){ + $no_ip = true; }else{ - $src_ip = ''; - $dst_ip = $myrow[0]; + $no_ip = false; + $currentIP = baseLong2IP($myrow[0]); + // Fix for Issue #69 https://github.com/NathanGibbs3/BASE/issues/69 + if ( $addr_type == SOURCE_IP ){ + $src_ip = $myrow[0]; + }else{ + $dst_ip = $myrow[0]; + } } - $tmp_rowid = $src_ip.'_'.$dst_ip; + $num_events = $myrow[1]; + $num_sensors = $myrow[2]; + $num_sig = $myrow[3]; + $num_ip = $myrow[4]; + qroPrintEntryHeader($i); + $tmp_rowid = $src_ip . '_' . $dst_ip; // Generate checkbox value. -- nikns $tmp = "_lst[$i]"; qroPrintCheckBox($tmp, $tmp_rowid); $tmp = ''; - // Check for a NULL IP indicating an event (e.g. portscan) which has no IP. - if ( $no_ip ){ + if( $no_ip ){ // Check for NULL IP event (e.g. portscan) with no IP. $tmp = ''._UNKNOWN; }else{ - $tmp = BuildAddressLink($currentIP, 32).$currentIP; + $tmp = BuildAddressLink($currentIP, 32) . $currentIP; } $tmp .= ''; - qroPrintEntry($tmp,'right'); + qroPrintEntry($tmp, 'right'); if ( $resolve_IP == 1 ){ qroPrintEntry( baseGetHostByAddr($currentIP, $db, $dns_cache_lifetime), 'right' 
@@ -244,16 +247,10 @@ '&num_result_rows=-1'. '&sort_order='.$sort_order. '&submit='._QUERYDBP.'&current_view=-1&ip_addr_cnt=1'; - if ( $addr_type == 1 ){ - if ( $no_ip ) - $url_criteria = BuildSrcIPFormVars(NULL_IP); - else - $url_criteria = BuildSrcIPFormVars($currentIP); - }elseif ( $addr_type == 2 ){ - if ( $no_ip ) - $url_criteria = BuildDstIpFormVars(NULL_IP); - else - $url_criteria = BuildDstIPFormVars($currentIP); + if( $no_ip ){ + $url_criteria = BuildIPFormVar(NULL_IP, $addr_type); + }else{ + $url_criteria = BuildIPFormVar($currentIP, $addr_type); } qroPrintEntry($num_sensors); qroPrintEntry( @@ -264,17 +261,15 @@ ); qroPrintEntry($num_ip); qroPrintEntryFooter(); - ++$i; } $result->baseFreeRows(); - $qro->PrintFooter(); $qs->PrintBrowseButtons(); $qs->PrintAlertActionButtons(); $qs->SaveState(); ExportHTTPVar("addr_type", $addr_type); ExportHTTPVar("sort_order", $sort_order); -NLIO('
',2); +NLIO('', 2); $et->Mark("Get Query Elements"); PrintBASESubFooter(); ?> diff --git a/composer.json b/composer.json index b77c188..c1ed59e 100644 --- a/composer.json +++ b/composer.json @@ -43,7 +43,8 @@ }, "require": { "php": ">=4.0.4", - "ext-gmp": "*" + "ext-gmp": "*", + "ext-bcmath": "*" }, "require-dev": { "phpunit/phpunit": ">=5.7.28 || >=4.8.19", diff --git a/includes/base_auth.inc.php b/includes/base_auth.inc.php index e008897..14e5bce 100644 --- a/includes/base_auth.inc.php +++ b/includes/base_auth.inc.php @@ -407,8 +407,10 @@ function returnRoleNamesDropDown( $roleid ){ . chk_select($roleid, $myrow[0]) . '>' . $myrow[1] . ''; $Ret .= NLI($tmp, 8); - }else{ + }else{ // Should never run. + // @codeCoverageIgnoreStart break; + // @codeCoverageIgnoreEnd } } $rs->baseFreeRows(); 
@@ -693,45 +695,60 @@ function AuthorizedClient (){ $IPV = 0; $Snm = netmask ($IpTmp); if ( $Snm > 0 ){ - $MaskRE = '\/' . $Snm; + $MaskRE = "\/$Snm"; $IpTmp = preg_replace( '/'. $MaskRE .'$/', '', $IpTmp ); - if( is_ip4 ($IpTmp) ){ - if( $Snm > 32 ){ // Invalid IPv4 Netmask - $Snm = 32; - } - $IPC = NMHC($Snm); - }elseif( is_ip6 ($IpTmp) ){ - $IPC = NMHC($Snm, true); - } } $IPF = ipconvert($IpTmp); $IPL = $IPF; if( is_ip4 ($IpTmp) ){ $IPV = 4; - if( $Snm > 0 ){ - $IPL = $IPL + $IPC; - } }elseif( is_ip6 ($IpTmp) ){ $IPV = 6; - if( $Snm > 0 && defined('GMP_VERSION') ){ - $IPL = gmp_strval(gmp_add($IPF, $IPC)); + } + if( $Snm > 0 ){ + if( $IPV == 4 ){ + if( $Snm > 32 ){ // Invalid IPv4 Netmask + $Snm = 32; + } + $IPC = NMHC($Snm); + $IPL = $IPF + $IPC; + }elseif( $IPV == 6 ){ + $IPC = NMHC($Snm, true); + // @codeCoverageIgnoreStart + if( GMPi() ){ // IPv6 Use Gmp lib. + $IPL = gmp_strval(gmp_add($IPF, $IPC)); + }elseif( BCMi() ){ // IPv6 Use BCMath lib. + $IPL = bcadd($IPF, $IPC); + } + // @codeCoverageIgnoreEnd } } if( $IPV != 0 && is_key('REMOTE_ADDR', $_SERVER) ){ $ipcli = $_SERVER['REMOTE_ADDR']; $ipcT = ipconvert($ipcli); - if( $IPV == 4 && is_ip4 ($ipcli) ){ + if( $IPV == 4 && is_ip4($ipcli) ){ if( $ipcT >= $IPF && $ipcT <= $IPL ){ $Ret = true; } - }elseif( $IPV == 6 && is_ip6 ($ipcli) && defined('GMP_VERSION') ){ - if( - gmp_cmp($ipcT, $IPF) > -1 && gmp_cmp($ipcT, $IPL) < 1 - ){ - $Ret = true; + }elseif( $IPV == 6 && is_ip6($ipcli) ){ + // @codeCoverageIgnoreStart + if( GMPi() ){ // IPv6 Use Gmp lib. + if( + gmp_cmp($ipcT, $IPF) > -1 && gmp_cmp($ipcT, $IPL) < 1 + ){ + $Ret = true; + } + }elseif( BCMi() ){ // IPv6 Use BCMath lib. + if( + bccomp($ipcT, $IPF) > -1 && bccomp($ipcT, $IPL) < 1 + ){ + $Ret = true; + } } + // @codeCoverageIgnoreEnd } } + } return $Ret; } diff --git a/includes/base_capabilities.php b/includes/base_capabilities.php index 81654e2..1d31c03 100644 --- a/includes/base_capabilities.php +++ b/includes/base_capabilities.php 
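Review bot: The allow-list range looks one address too wide: `$IPL = $IPF + $IPC;` adds the full host count from `NMHC()` and the client test is inclusive (`$ipcT <= $IPL`, `gmp_cmp(...) < 1`, `bccomp(...) < 1`), so a /32 entry would admit the configured address and the one after it. Unless `NMHC()` already subtracts one outside the lines shown, the upper bound should be `$IPL = $IPF + $IPC - 1;`, with the same adjustment in the GMP and BCMath branches (`gmp_sub` / `bcsub` by 1). `$IPF` is also used as the range start without being masked to the network address, so an entry written with host bits set shifts the whole window; that deserves either a mask step or a comment stating the expectation. AuthorizedClient() begins before this hunk, so the loop around this code is not visible here.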
@@ -57,12 +57,15 @@ function BaseCapsRegistry(){ // PHP 4x constructor. if( function_exists('mail') ){ // PHP Mail $this->AddCap('PHP_Mail'); } - if( function_exists('imagecreate') ){ // PHP GD + if( extension_loaded('gd') ){ // PHP GD $this->AddCap('PHP_GD'); } - if( defined('GMP_VERSION') ){ + if( extension_loaded('gmp') && defined('GMP_VERSION') ){ // PHP GMP $this->AddCap('PHP_GMP', GMP_VERSION); } + if( extension_loaded('bcmath') ){ // PHP BCMath + $this->AddCap('PHP_BCMath'); + } // BASE Kernel & RTL Registartion if ( SetConst('BASE_KERNEL', 'None') ){ $BKV = NULL; diff --git a/includes/base_db.inc.php b/includes/base_db.inc.php index 7c59063..fb941ba 100644 --- a/includes/base_db.inc.php +++ b/includes/base_db.inc.php @@ -1336,7 +1336,14 @@ function NewBASEDBConnection( $path, $type ){ // the mysql, mysqlt & maxsql drivers. if ( $PHPVer[0] > 5 || ( $PHPVer[0] == 5 && $PHPVer[1] > 4) ){ mysqli_report(MYSQLI_REPORT_OFF); // Issue #162 temp fix. - $Wtype = "mysqli"; + $Wtype = 'mysqli'; + } + } + if( $type == 'mssql' ){ + // On PHP 5.3+, use mssqlnative ADODB driver & gracefully + // deprecate the mssql driver. + if( $PHPVer[0] > 5 || ( $PHPVer[0] == 5 && $PHPVer[1] > 2) ){ + $Wtype = 'mssqlnative'; } } KML($EMPfx . "DB Type Req: $AXtype Type FIN: $type Driver: $Wtype", 3); diff --git a/includes/base_krnl.php b/includes/base_krnl.php index c8c7ee7..0b0b424 100644 --- a/includes/base_krnl.php +++ b/includes/base_krnl.php @@ -249,7 +249,7 @@ function ChkAccess( $path, $type='f' ){ if ( LoadedString($path) ){ $type = strtolower($type); $rcf = 0; - $Ret = -1; // Type Error + $Ret = -1; // Type Error / Not Found if ( $type == 'f' ){ if ( is_file($path) ){ $rcf = 1; diff --git a/includes/base_log_error.inc.php b/includes/base_log_error.inc.php index 2f12f52..b7b5385 100644 --- a/includes/base_log_error.inc.php +++ b/includes/base_log_error.inc.php 
@@ -78,16 +78,37 @@ function returnSMFN( $msg = '' ){ return $Ret; } -function returnBuildError( $Desc = '', $Opt = ''){ +function returnBuildError( $Desc = '', $Opt = '', $dll = '' ){ // Standardiazed PHP build error. - if( LoadedString($Desc) && LoadedString($Opt) ){ + if( LoadedString($Desc)){ $Desc = XSSPrintSafe($Desc); - $Opt = XSSPrintSafe($Opt); $Ret = returnErrorMessage(_ERRPHPERROR . ':', 0, 1); // TD this. $Ret .= - NLI("PHP build incomplete: $Desc support required.
") - . NLI("Recompile PHP with $Desc support ($Opt) .
"); + NLI("PHP build incomplete: $Desc support required.
"); + if( LoadedString($Opt) ){ + $Opt = XSSPrintSafe($Opt); + $Ret .= + NLI( + "Recompile PHP with $Desc support ($Opt) .
" + ); + } + // @codeCoverageIgnoreStart + if( + LoadedString($dll) && strtoupper(substr(PHP_OS, 0, 3)) === 'WIN' + ){ + $dll = XSSPrintSafe($dll); + $Ret .= + NLI( + "To enable $Desc support, edit your php.ini file " + . 'and add the suggested line in the Extensions section.
' + . "Extension=$dll
" + . 'Note: The suggested dll name may be different than the one ' + . 'installed on your system. Please contact your OS vendor ' + . 'for more detailed technical support.
' + ); + } + // @codeCoverageIgnoreEnd return $Ret; } } diff --git a/includes/base_net.inc.php b/includes/base_net.inc.php index 90661e0..0bed3a9 100644 --- a/includes/base_net.inc.php +++ b/includes/base_net.inc.php @@ -148,25 +148,23 @@ function getIPMask($ipaddr, $mask) // $db => DB handle. // $cache_lifetime => lifetime of DNS resolution. // Returns: hostname of $ipaddr -// OR an error message indicating resolution was not possible +// OR an error message indicating resolution was not possible. function baseGetHostByAddr($ipaddr, $db, $cache_lifetime){ - $Epfx = 'BASE ' . __FUNCTION__ . '() '; + $EMPfx = __FUNCTION__ . ': '; $Emsg = ''; - // Need to extend this to support IPv6 - $Validipv4 = '/(\d{1,3}\.){3}\d{1,3}/'; - if ( !LoadedString($ipaddr) || ($ipaddr == '')){ - $Emsg = $Epfx.'Invalid Parameter(s) $ipaddr.'; + if ( !LoadedString($ipaddr) ){ + $Emsg = $EMPfx . 'Invalid Parameter $ipaddr.'; $Ret = ""._ERRRESOLVEADDRESS.""; - }elseif (!preg_match($Validipv4, $ipaddr)){ - $Emsg = $Epfx.'Invalid Parameter(s) $ipaddr.'; + }elseif( !is_ip4($ipaddr) ){ // Need to extend this to support IPv6 + $Emsg = $EMPfx . 'Invalid Parameter $ipaddr.'; // Not sure why we are not returning the error message like above. // The lagecy code returns the $ipaddr param in this instance, so // we left it here until we can verify that changing it won't break // soemthing else. $Ret = $ipaddr; } - if ( $Emsg != ''){ - trigger_error($Emsg); + if( $Emsg != '' ){ + KML($Emsg, 1); return $Ret; } $ip32 = baseIP2long($ipaddr); 
@@ -185,29 +183,26 @@ function baseGetHostByAddr($ipaddr, $db, $cache_lifetime){ if ( $db->DB_type != 'postgres' ){ // Get the length of the ipc-fqdn field from the DB. $maxlength = GetFieldLength($db,'acid_ip_cache','ipc_fqdn'); - if ( strlen($tmp) > $maxlength) { // Concat data at to maxlength. + if ( strlen($tmp) > $maxlength) { // Concat data to maxlength. $tmp = substr($tmp, -$maxlength); - $Emsg = $Epfx; - $Emsg .= "DB Field Overflow, FQDN for $ipaddr concatenated to $tmp. "; - $Emsg .= 'See: https://github.com/NathanGibbs3/BASE/issues/58'; -// error_log($Emsg); - // Using trigger_error, as error_log trips up the Unit tests that - // currently requirs process isolation. We should be able to fix - // this once we fix Issue #11. - trigger_error($Emsg); + $Emsg = $EMPfx . 'Warning: Issue #58 DB Field Overflow, FQDN ' + . "for $ipaddr concatenated to $tmp. " + . 'See: https://github.com/NathanGibbs3/BASE/issues/58'; + KML($Emsg, 1); } } if ( $ip_cache == "" ){ // Cache miss. Add to cache. + $SQLPfx = 'INSERT INTO acid_ip_cache (ipc_ip, ipc_fqdn, ' + . 'ipc_dns_timestamp) VALUES ('; if( $db->DB_type == "oci8" ){ // @codeCoverageIgnoreStart // We have no way of testing Oracle functionality. - $sql= "INSERT INTO acid_ip_cache (ipc_ip, ipc_fqdn, ipc_dns_timestamp) ". - "VALUES ($ip32, '$tmp', to_date( '$current_time', 'YYYY-MM-DD HH24:MI:SS' ) )"; + $sql = $SQLPfx . "$ip32, '$tmp', to_date( '$current_time', 'YYYY-MM-DD HH24:MI:SS' ) "; // @codeCoverageIgnoreEnd }else{ - $sql = "INSERT INTO acid_ip_cache (ipc_ip, ipc_fqdn, ipc_dns_timestamp) ". - "VALUES ('$ip32', '$tmp', '$current_time')"; + $sql = $SQLPfx . "'$ip32', '$tmp', '$current_time'"; } + $sql .= ')'; $db->baseExecute($sql); }else{ // Cache hit. if ($ip_cache[2] != "" && diff --git a/includes/base_rtl.php b/includes/base_rtl.php index 833a8f5..be17eb6 100644 --- a/includes/base_rtl.php +++ b/includes/base_rtl.php 
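Review bot: The refactored INSERT still splices `$tmp` into the statement as a quoted literal (`$SQLPfx . "'$ip32', '$tmp', '$current_time'"`), and `$tmp` appears to hold the resolved FQDN, which is data controlled by whoever operates the reverse DNS zone for that address. Its assignment is outside the hunk, so if it is not escaped there the literal can be broken by the name itself; please pass it through the DB layer's quoting helper or a bound parameter before `baseExecute()`. The same value is written into the `KML()` warning, so stripping control characters before logging would be prudent too. baseGetHostByAddr() starts and ends outside this hunk.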
@@ -16,7 +16,7 @@ // Author(s): Nathan Gibbs // Kevin Johnson -$BRTL_Ver = '0.0.11'; +$BRTL_Ver = '0.0.12'; if( !function_exists('LoadedString') ){ // Returns true if var is a string containing data. @@ -133,6 +133,27 @@ function KML ( $msg = '', $lvl = 0 ){ } } } + +function BCMi(){ // BCMath installed? + return extension_loaded('bcmath'); +} + +function GMPi(){ // Gmp installed? + $Ret = false; + if( extension_loaded('gmp') && defined('GMP_VERSION') ){ + $Ret = true; + } + return $Ret; +} + +function IPv6i(){ // IPv6 supoort? + $Ret = false; + if( BCMi() || GMPi() ){ + $Ret = true; + } + SetConst('BASE_RTL_IPv6', $Ret); + return $Ret; +} // @codeCoverageIgnoreEnd if( !function_exists('ChkAccess') ){ @@ -143,7 +164,7 @@ function ChkAccess( $path, $type='f' ){ if( LoadedString($path) ){ $type = strtolower($type); $rcf = 0; - $Ret = -1; // Type Error + $Ret = -1; // Type Error / Not Found if( $type == 'f' ){ if( is_file($path) ){ $rcf = 1; @@ -324,9 +345,10 @@ function CCS(){ return array($Ret, $Stat); } -function is_ip ( $ip = '' ){ +function is_ip( $ip = '' ){ $Ret = false; if( LoadedString($ip) ){ + $ip = trim($ip); if( is_ip4($ip) || is_ip6($ip) ){ $Ret = true; } 
@@ -334,40 +356,64 @@ function is_ip ( $ip = '' ){ return $Ret; } -function is_ip4 ( $ip = '' ){ +function is_ip4( $ip = '' ){ $Ret = false; if( LoadedString($ip) ){ + $ip = trim($ip); $ReOc = '\d{1,3}'; - $ReIp = str_repeat("$ReOc\.",3) . $ReOc; - if( preg_match ('/^'. $ReIp .'$/', $ip) ){ - $Ret = true; + $ReIp = str_repeat("$ReOc\.", 3) . $ReOc; + if( preg_match ('/^' . $ReIp . '$/', $ip) ){ + $ipa = explode('.', $ip); + $SE = true; // Step Execution Flag Assume Success + foreach( $ipa as $val ){ // Fix #224 + if( $val < 0 || $val > 255 ){ + $SE = false; + break; + } + } + $Ret = $SE; } } return $Ret; } -function is_ip6 ( $ip = '' ){ +function is_ip6( $ip = '' ){ $Ret = false; if( LoadedString($ip) ){ + $ip = trim($ip); $ReOc = '\d{1,3}'; - $ReIp = str_repeat("$ReOc\.",3) . $ReOc; + $ReIp = str_repeat("$ReOc\.", 3) . $ReOc; $ReOc6 = '[[:xdigit:]]{1,4}'; - $ReIp6 = "\:?(\:?$ReOc6){0,6}" . "\:($ReIp|($ReOc6)?\:$ReOc6)?"; - if( preg_match ('/^'. $ReIp6 .'$/', $ip) ){ - $Ret = true; + $ReIp6 = "\:?(\:?\:?$ReOc6){0,6}" . "\:($ReIp|($ReOc6)?\:$ReOc6)?"; + $t6 = preg_match ('/^' . $ReIp6 . '$/', $ip, $t6m); + if( $t6 ){ // IPv6 Data Normalization. + IPv6i(); + $SE = true; // Step Execution Flag Assume Success + $t6m = $t6m[0]; + $t6t4 = preg_match ('/' . $ReIp . '$/', $t6m, $t6t4m); + if ( $t6t4 ){ // Fix #224 + $t6t4m = explode('.', $t6t4m[0]); + foreach( $t6t4m as $val ){ + if( $val < 0 || $val > 255 ){ + $SE = false; + break; + } + } + } + $Ret = $SE; } } return $Ret; } -function netmask ( $ip = '' ){ +function netmask( $ip = '' ){ $Ret = 0; if( LoadedString($ip) ){ $MaskRE = '\/\d{1,3}'; - if( preg_match ('/'. $MaskRE .'$/', $ip , $Snm) ){ + if( preg_match ('/' . $MaskRE . '$/', $ip , $Snm) ){ $Snm = $Snm[0]; - $Ret = preg_replace( '/^'. '\/' .'/', '', $Snm ); - if ( $Ret > 128 ){ // Lock down max value. + $Ret = preg_replace( '/^' . '\/' . '/', '', $Snm ); + if( $Ret > 128 ){ // Lock down max value. $Ret = 128; } } 
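Review bot: The widened IPv6 pattern `\:?(\:?\:?$ReOc6){0,6}` in `is_ip6()` lets each of the six groups carry its own `::`, so strings with more than one zero-compression (constructed example: `1::2::3::4`) appear to match even though they are not valid addresses; the same pattern is repeated in the ipconvert() hunk. Because `is_ip6()` feeds `is_ip()`, `ipconvert()` and the client allow-list, I would cross-check with the built-in validator where it exists, e.g. `if( function_exists('filter_var') && filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === false ){ $SE = false; }`. In both validators the `$val < 0` test is dead code, because `\d{1,3}` cannot match a sign.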
@@ -375,7 +421,7 @@ function netmask ( $ip = '' ){ return $Ret; } -function ipdeconvert ( $ip = '' ){ +function ipdeconvert( $ip = '' ){ $Ret = 0; if( is_numeric($ip) ){ $ip = trim($ip); @@ -384,14 +430,15 @@ function ipdeconvert ( $ip = '' ){ $OCA = array(); $t4 = 0; $t6 = 0; - if( $ip < pow(256, 4) ){ // IPv4 + if( $ip < pow(256, 4) ){ // IPv4 address. $t4 = 1; $tl = 4; - }else{ // IPv6 + }else{ // IPv6 address. + IPv6i(); $t6 = 1; $tl = 16; if( - defined('GMP_VERSION') + GMPi() && ( $PHPVer[0] > 5 || ($PHPVer[0] == 5 && $PHPVer[1] == 6 && $PHPVer[2] > 0) @@ -404,11 +451,19 @@ function ipdeconvert ( $ip = '' ){ if( !$SF ){ for ( $i = $tl; $i > 0 ; $i-- ){ $pwr = $i - 1; - if ( $t6 ){ // IPv6 Use Gmp lib. - $tmp = gmp_strval(gmp_pow(256, $pwr)); - $res = gmp_div_qr($ip, $tmp); - $tt = gmp_intval($res[0]); - $ip = gmp_strval($res[1]); + if ( $t6 && BASE_RTL_IPv6 == true ){ // IPv6 + // @codeCoverageIgnoreStart + if( GMPi() ){ // IPv6 Use Gmp lib. + $tmp = gmp_strval(gmp_pow(256, $pwr)); + $res = gmp_div_qr($ip, $tmp); + $tt = gmp_intval($res[0]); + $ip = gmp_strval($res[1]); + }elseif( BCMi() ){ // IPv6 Use BCMath lib. + $tmp = bcpow(256, $pwr); + $tt = intval(bcdiv($ip, $tmp)); + $ip = bcsub($ip, bcmul($tmp, $tt)); + } + // @codeCoverageIgnoreEnd }else{ // IPv4 Use PHP $tmp = pow(256, $pwr); $tt = intval($ip / $tmp); 
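Review bot: When neither GMP nor BCMath is loaded, the new guard `if ( $t6 && BASE_RTL_IPv6 == true )` sends a 128-bit value down the `else` branch meant for IPv4, where `pow(256, $pwr)` and `intval($ip / $tmp)` are native float arithmetic and cannot represent the value exactly. ipconvert() documents the opposite choice for this situation (return 0), so I would bail out here as well, e.g. `if( $t6 && !IPv6i() ){ return 0; }` before the loop. The added final `is_ip($Ret)` check only rejects malformed output, not a well-formed but wrong address. The rest of ipdeconvert() lies outside this hunk.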
@@ -453,36 +508,40 @@ function ipdeconvert ( $ip = '' ){ // @codeCoverageIgnoreEnd } } + if( !is_ip($Ret) ){ // Final Sanity Check + $Ret = 0; + } return $Ret; } -function ipconvert ( $ip = '' ){ +function ipconvert( $ip = '' ){ $Ret = 0; - if( LoadedString($ip) ){ + if( LoadedString($ip) && is_ip($ip) ){ $ip = trim($ip); $PHPVer = GetPHPSV(); $SF = false; $OCA = array(); $ReOc = '\d{1,3}'; - $ReIp = str_repeat("$ReOc\.",3) . $ReOc; + $ReIp = str_repeat("$ReOc\.", 3) . $ReOc; $ReOc6 = '[[:xdigit:]]{1,4}'; - $ReIp6 = "\:?(\:?$ReOc6){0,6}" . "\:($ReIp|($ReOc6)?\:$ReOc6)?"; - $t4 = preg_match ('/^'. $ReIp .'$/', $ip, $t4m); - if ( $t4 ){ // IPv4 Data Normalization. - $OCA = explode('.',$t4m[0]); - foreach ($OCA as $key => $val) { + $ReIp6 = "\:?(\:?\:?$ReOc6){0,6}" . "\:($ReIp|($ReOc6)?\:$ReOc6)?"; + $t4 = preg_match ('/^' . $ReIp . '$/', $ip, $t4m); + if( $t4 ){ // IPv4 Data Normalization. + $OCA = explode('.', $t4m[0]); + foreach( $OCA as $key => $val ){ $OCA[$key] = intval($val); } $ip = implode('.', $OCA); } - $t6 = preg_match ('/^'. $ReIp6 .'$/', $ip, $t6m); - if ( $t6 ){ // IPv6 Data Normalization. + $t6 = preg_match ('/^' . $ReIp6 . '$/', $ip, $t6m); + if( $t6 ){ // IPv6 Data Normalization. + IPv6i(); $t6mTmp = ''; $t6m = $t6m[0]; - $t6t4 = preg_match ('/'. $ReIp .'$/', $t6m, $t6t4m); + $t6t4 = preg_match ('/' . $ReIp . '$/', $t6m, $t6t4m); if ( $t6t4 ){ $t6mTmp = preg_replace( - '/'. preg_quote(':' . $t6t4m[0]) .'$/', '', $t6m + '/' . preg_quote($t6t4m[0]) . '$/', '', $t6m ); $t6t4m = explode('.', $t6t4m[0]); foreach ($t6t4m as $key => $val) { @@ -490,7 +549,7 @@ function ipconvert ( $ip = '' ){ } $t6m = $t6mTmp; $OCA = $t6t4m; - $ip = $t6mTmp . ':' . implode('.',$t6t4m); + $ip = $t6m . implode('.', $t6t4m); } } $tl = 0; 
@@ -500,7 +559,7 @@ function ipconvert ( $ip = '' ){ $PHPVer[0] > 5 || ($PHPVer[0] == 5 && $PHPVer[1] == 6 && $PHPVer[2] > 0) ){ // Fast way on PHP 5.6.1+ - if( $t6 && defined('GMP_VERSION') ){ + if( $t6 && GMPi() ){ $SF = true; $Ret = gmp_strval(gmp_import($tmp)); } @@ -512,7 +571,7 @@ function ipconvert ( $ip = '' ){ // Process Standard IPv6 Notation while( $Snm > 0 ){ $t6Oc = preg_match ( - '/'. "\:?($ReOc6)" .'$/', $t6m, $t6Ocm + '/' . "\:?($ReOc6)" . '$/', $t6m, $t6Ocm ); if ( $t6Oc ){ $t6Ocr = $t6Ocm[0]; @@ -530,14 +589,14 @@ function ipconvert ( $ip = '' ){ }else{ $TOL = $Snm / 16; $t6Oc = preg_match_all ( - '/'. "$ReOc6\:" .'/', $t6m, $t6Ocm + '/' . "$ReOc6\:" . '/', $t6m, $t6Ocm ); $t6m = preg_replace( '/' . '\:' . '$/', '', $t6m ); - if ( $t6Oc !== false ){ + if( $t6Oc !== false ){ $tmp = '00'; $TOL = $TOL * 2; $t6Oc = $t6Oc * 2; - for ( $i = $TOL; $i > $t6Oc; $i-- ){ + for( $i = $TOL; $i > $t6Oc; $i-- ){ array_unshift($OCA, intval(hexdec($tmp))); $Snm = $Snm - 8; } @@ -546,7 +605,7 @@ function ipconvert ( $ip = '' ){ } } $tmp = ''; - foreach ($OCA as $val) { + foreach( $OCA as $val ){ $tt = pack('C', $val); $tmp .= $tt; } 
@@ -554,22 +613,34 @@ function ipconvert ( $ip = '' ){ } if( !$SF ){ $t1 = ''; - foreach (unpack('C*', $tmp) as $byte) { + foreach( unpack('C*', $tmp) as $byte ){ $t1 .= str_pad(decbin($byte), 8, '0', STR_PAD_LEFT); } - if( $t4 ){ // IPv4 + if( $t4 ){ // IPv4 address. $Ret = base_convert(ltrim($t1, '0'), 2, 10); - }else{ // IPv6 returns 0 if gmp is not available. - if( defined('GMP_VERSION') ){ + }else{ // IPv6 returns 0 if Gmp or BCMath is not available. + // @codeCoverageIgnoreStart + if( GMPi() ){ // IPv6 Use Gmp lib. $Ret = gmp_strval(gmp_init($t1, 2)); + }elseif( BCMi() ){ // IPv6 Use BCMath lib. + $Obs = bcscale(); + bcscale(0); + $Ret = 0; + $tmp = strlen($t1); + for ($i = 0; $i < $tmp; $i++ ){ + $Ret = bcmul($Ret, '2'); + $Ret = bcadd($Ret, $t1[$i]); + } + bcscale($Obs); } + // @codeCoverageIgnoreEnd } } } return $Ret; } -function NMHC ( $Snm = 0, $v6 = false ){ // Get host Count from netmask. +function NMHC( $Snm = 0, $v6 = false ){ // Get host Count from netmask. $Ret = 0; if( !is_bool($v6) ){ $v6 = false; @@ -582,10 +653,15 @@ function NMHC ( $Snm = 0, $v6 = false ){ // Get host Count from netmask. $Floor = 0; } if( $Snm > $Floor && $Snm < 129 ){ // IPv6 - if( defined('GMP_VERSION') ){ + // @codeCoverageIgnoreStart + if( GMPi() ){ // IPv6 Use Gmp lib. $Top = gmp_pow(256, 16); $Ret = gmp_strval(gmp_div($Top, gmp_pow(2, $Snm))); + }elseif( BCMi() ){ // IPv6 Use BCMath lib. + $Top = bcpow(256, 16); + $Ret = bcdiv($Top, bcpow(2, $Snm)); } + // @codeCoverageIgnoreEnd }elseif( $Snm > 0 && $Snm < 33 ){ // IPv4 $Top = pow(256, 4); $Ret = $Top / pow(2, $Snm); diff --git a/includes/base_state_citems.inc.php b/includes/base_state_citems.inc.php index 1062abf..e3da34a 100644 --- a/includes/base_state_citems.inc.php +++ b/includes/base_state_citems.inc.php 
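Review bot: `$Obs = bcscale();` in the BCMath fallback relies on the no-argument getter form, which only exists from PHP 7.3; on older versions, which composer.json still allows, the call warns and the later `bcscale($Obs)` no longer restores the previous scale. Passing the scale per call avoids touching global state at all: `$Ret = bcmul($Ret, '2', 0);` and `$Ret = bcadd($Ret, $t1[$i], 0);`, with `$Ret = '0';` as the start value. The other new bc* calls in this commit (`bcadd` in AuthorizedClient, `bcpow`/`bcdiv`/`bcsub` in ipdeconvert, `bcdiv` in NMHC) depend on the configured default scale being 0 and could take the same explicit argument.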
@@ -100,16 +100,13 @@ function SetFormItemCnt( $value ){ // Sets the number of items in this form element. } - function Set( $value ){ - // Set the value of this criteria. + function Set( $value ){ // Set the value of this criteria. } - function Get(){ - // Returns the value of this criteria. + function Get(){ // Returns the value of this criteria. } - function ToSQL(){ - // Convert this criteria to SQL. + function ToSQL(){ // Convert this criteria to SQL. } function Description( $value ){ @@ -585,6 +582,7 @@ function Description( $value ){ } $tmp .= $this->cs->GetClearCriteriaString($this->export_name); $tmp .= '
'; + // 2023-06-30 HTML in returned value, seriously, fix this. } } return $tmp; @@ -641,9 +639,9 @@ function Description( $value ){ $tmp = $tmp._SIGCLASS.' = '. htmlentities(GetSigClassName($this->criteria, $this->db)). $this->cs->GetClearCriteriaString($this->export_name).'
'; - } - } - + // 2023-06-30 HTML in returned value, seriously, fix this. + } + } return $tmp; } @@ -735,6 +733,7 @@ function Description( $value ){ else $tmp = $tmp._SIGPRIO.' '.htmlentities($this->criteria[0])." ".htmlentities($this->criteria[1]). $this->cs->GetClearCriteriaString($this->export_name).'
'; + // 2023-06-30 HTML in returned value, seriously, fix this. } } return $tmp; @@ -781,7 +780,8 @@ function Description( $value ){ $tmp = $tmp._ALERTGROUP.' = ['.htmlentities($this->criteria).'] '.GetAGNameByID($this->criteria, $this->db). $this->cs->GetClearCriteriaString($this->export_name).'
'; - return $tmp; + // 2023-06-30 HTML in returned value, seriously, fix this. + return $tmp; } }; /* AlertGroupCriteria */ @@ -868,7 +868,8 @@ function Description($value) { GetSensorName($this->criteria, $this->db). $this->cs->GetClearCriteriaString($this->export_name).'
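Review bot: The line this hunk annotates builds the returned HTML from `htmlentities($this->criteria)` followed by a raw `GetAGNameByID($this->criteria, $this->db)`. The alert-group name therefore reaches the page unescaped unless GetAGNameByID() encodes it itself, which is not visible here. Since the new comment already flags HTML in the return value, I would encode at this call site too, `htmlentities(GetAGNameByID($this->criteria, $this->db))`, matching the `htmlentities(GetSigClassName(...))` form in the signature-class Description(). The same applies to `GetSensorName(...)` in the SensorCriteria hunk that follows. Description() begins outside the hunk.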
'; - return $tmp; + // 2023-06-30 HTML in returned value, seriously, fix this. + return $tmp; } }; // SensorCriteria @@ -997,11 +998,12 @@ function Description( $value ){ class IPAddressCriteria extends MultipleElementCriteria { // * $ip_addr[MAX][10]: stores an ip address parameters/operators row -// - [][0] : ( [][5] : octet3 of address -// - [][1] : source, dest [][6] : octet4 of address -// - [][2] : =, != [][7] : network mask -// - [][3] : octet1 of address [][8] : (, ) -// - [][4] : octet2 of address [][9] : AND, OR +// - [][0] : ( [][6] : octet4 of address +// - [][1] : source, dest [][7] : network mask / IPv4 format. +// - [][2] : =, != [][8] : (, ) +// - [][3] : octet1 of address [][9] : AND, OR +// - [][4] : octet2 of address [][10] : Formerly undocumented +// - [][5] : octet3 of address network mask / INT. // // $ip_addr_cnt: number of rows in the $ip_addr[][] structure 
@@ -1043,27 +1045,33 @@ function IPAddressCriteria( function Import(){ parent::Import(); // Store ourselves in the session. - if ( is_array($this->criteria) ){ + if( is_array($this->criteria) ){ // Expand IP into octets. - for ( $i = 0; $i < $this->criteria_cnt; $i++ ){ - if ( (isset ($this->criteria[$i][3])) && - (preg_match("/([0-9]*)\.([0-9]*)\.([0-9]*)\.([0-9]*)/", $this->criteria[$i][3])) ) - { + for( $i = 0; $i < $this->criteria_cnt; $i++ ){ + if( + isset ($this->criteria[$i][3]) + && ( + is_ip4($this->criteria[$i][3]) + || $this->criteria[$i][3] == NULL_IP // Compat Hack. + ) + ){ $tmp_ip_str = $this->criteria[$i][7] = $this->criteria[$i][3]; $this->criteria[$i][3] = strtok($tmp_ip_str, "."); $this->criteria[$i][4] = strtok("."); $this->criteria[$i][5] = strtok("."); $this->criteria[$i][6] = strtok("/"); $this->criteria[$i][10] = strtok(""); - } + } + // We need an IPv6 implementation here. } } - $_SESSION['ip_addr'] = &$this->criteria; - $_SESSION['ip_addr_cnt'] = &$this->criteria_cnt; + $_SESSION['ip_addr'] = &$this->criteria; + $_SESSION['ip_addr_cnt'] = &$this->criteria_cnt; } - function Clear(){ - // Clears the criteria. + + function Clear(){ // Clears the criteria. } + function SanitizeElement($value) { $i = 0; // Why is this function hardwired to check only the first // criteria instance? Leaving it for now, but need to investigate. @@ -1132,22 +1140,20 @@ function PrintForm($value1, $value2, $value3) { echo '
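Review bot: The new guard compares with `$this->criteria[$i][3] == NULL_IP`, a loose comparison on request-derived data; `=== NULL_IP` keeps PHP's type juggling out of the validation path. Separately, the octet expansion still tokenises on `/` and stores the remainder in `[10]`. If is_ip4() rejects a netmask suffix (its body is not in this diff), an address-with-mask value no longer enters the block, so `[10]` is never set and the mask that Description() reads stays undefined. Either split the mask off before calling is_ip4(), or add a comment stating that masks are intentionally no longer expanded here.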
'; } } - function ToSQL(){ - // Convert this criteria to SQL. - } - function Description($value) { - $human_fields["ip_src"] = _SOURCE; - $human_fields["ip_dst"] = _DEST; - $human_fields["ip_both"] = _SORD; - $human_fields[""] = ""; - $human_fields["LIKE"] = _CONTAINS; - $human_fields["="] = "="; - $tmp2 = ""; + function ToSQL(){ // Convert this criteria to SQL. + } - for ( $i = 0; $i < $this->criteria_cnt; $i++ ) - { - $tmp = ""; + function Description($value) { + $human_fields["ip_src"] = _SOURCE; + $human_fields["ip_dst"] = _DEST; + $human_fields["ip_both"] = _SORD; + $human_fields[''] = ''; + $human_fields["LIKE"] = _CONTAINS; + $human_fields["="] = "="; + $Ret = ''; + for ( $i = 0; $i < $this->criteria_cnt; $i++ ){ + $tmp = ''; if ( isset($this->criteria[$i][3]) && $this->criteria[$i][3] != "" ) { $tmp = $tmp.$this->criteria[$i][3]; @@ -1175,19 +1181,21 @@ function Description($value) { $tmp = $tmp.'.*.*.*'; } /* Make sure that the IP isn't blank */ - if ( $tmp != "" ) - { + if ( $tmp != "" ){ $mask = ""; if ( $this->criteria[$i][10] != "" ) $mask = "/".$this->criteria[$i][10]; - $tmp2 = $tmp2.$this->criteria[$i][0]. - $human_fields[($this->criteria[$i][1])].' '.$this->criteria[$i][2]. - ' '.$tmp.' '.$this->criteria[$i][8].' '.$this->criteria[$i][9].$mask. - $this->cs->GetClearCriteriaString($this->export_name)."
"; - } + $Ret = $Ret . $this->criteria[$i][0] + . $human_fields[($this->criteria[$i][1])] . ' ' + . $this->criteria[$i][2] . ' ' . $tmp . ' ' + . $this->criteria[$i][8] . ' ' . $this->criteria[$i][9] . $mask + . $this->cs->GetClearCriteriaString($this->export_name) + . '
'; + // 2023-06-30 HTML in returned value, seriously, fix this. + } } - return $tmp2; + return $Ret; } }; /* IPAddressCriteria */ @@ -1440,9 +1448,11 @@ function Description($value) { $tmp = $tmp.$human_fields[($this->criteria[$i])]; $tmp = $tmp.$this->cs->GetClearCriteriaString("tcp_flags").'
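Review bot: The rewritten `$Ret` expression in IPAddressCriteria::Description() concatenates `$this->criteria[$i][0]`, `[2]`, `[8]`, `[9]`, the octets in `$tmp` and `$mask` straight into the returned HTML, while other Description() methods in this file pass criteria through `htmlentities()`. Unless SanitizeElement() is guaranteed to have constrained every row (the context comment says it checks only the first), each interpolated value should be encoded, e.g. `htmlentities($this->criteria[$i][0])`. `$human_fields[($this->criteria[$i][1])]` also raises an undefined-index notice for any value outside the six keys set above; an `isset()` check with a fallback avoids that. The loop body starts in the preceding hunk.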
'; - } + // 2023-06-30 HTML in returned value, seriously, fix this. + } return $tmp; } + function isEmpty(){ $Ret = false; $TD = array ('', ' '); // Test Values @@ -1555,9 +1565,11 @@ function ToSQL() { /* convert this criteria to SQL */ } + function Description($value) { return parent::Description(array_merge ( array("" => ""), $this->valid_field_list) ); } + }; /* UDPFieldCriteria */ class ICMPFieldCriteria extends ProtocolFieldCriteria { @@ -1611,9 +1623,11 @@ function ToSQL() { /* convert this criteria to SQL */ } + function Description($value) { return parent::Description(array_merge ( array("" => ""), $this->valid_field_list) ); } + }; /* ICMPFieldCriteria */ class Layer4Criteria extends SingleElementCriteria @@ -1655,6 +1669,7 @@ function ToSQL() { /* convert this criteria to SQL */ } + function Description($value) { if ( $this->criteria == "TCP" ) return _QCTCPCRIT; @@ -1665,6 +1680,7 @@ function Description($value) { else return _QCLAYER4CRIT; } + }; /* Layer4Criteria */ class DataCriteria extends MultipleElementCriteria { @@ -1806,9 +1822,10 @@ function PrintForm($value1, $value2, $value3) { echo '
'; } } - function ToSQL(){ - // Convert this criteria to SQL. + + function ToSQL(){ // Convert this criteria to SQL. } + function Description($value) { $human_fields["LIKE"] = _CONTAINS; $human_fields["NOT LIKE"] = _DOESNTCONTAIN; diff --git a/includes/base_state_criteria.inc.php b/includes/base_state_criteria.inc.php index 261c7de..310039f 100644 --- a/includes/base_state_criteria.inc.php +++ b/includes/base_state_criteria.inc.php @@ -112,9 +112,16 @@ function ReadState(){ } // Save the current criteria into $back_list (history). if ( $maintain_history == 1 ){ - PushHistory(); + // Catch #218 + $submit = ImportHTTPVar( + 'submit', '', array(_SELECTED, _ALLONSCREEN, _ENTIREQUERY) + ); + if( !LoadedString($submit) ){ + PushHistory(); + } } } + function GetBackLink() { return PrintBackButton(); diff --git a/includes/base_state_query.inc.php b/includes/base_state_query.inc.php index c908bab..2cb8c40 100644 --- a/includes/base_state_query.inc.php +++ b/includes/base_state_query.inc.php @@ -182,6 +182,7 @@ function SetActionSQL($sql) { $this->action_sql = $sql; } + function RunAction($submit, $which_page, $db){ GLOBAL $show_rows, $debug_mode; if ( IsValidActionOp($submit, $this->valid_action_op_list) ){ @@ -197,6 +198,7 @@ function RunAction($submit, $which_page, $db){ } } } + function GetNumResultRows( $cnt_sql = '', $db = NULL ){ if ( !($this->isCannedQuery()) && ($this->num_result_rows == -1) ){ $this->current_view = 0; @@ -345,6 +347,7 @@ function PrintAlertActionButtons(){ PrintFramedBoxFooter(1,2); echo "\n\n"; } + function ReadState(){ $this->current_canned_query = ImportHTTPVar("caller", VAR_LETTER | VAR_USCORE); $this->num_result_rows = ImportHTTPVar("num_result_rows", VAR_DIGIT | VAR_SCORE); diff --git a/tests/php/base_commonTest.php b/tests/php/base_commonTest.php index 88ad72a..e271ffd 100644 --- a/tests/php/base_commonTest.php +++ b/tests/php/base_commonTest.php 
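Review bot: The new `ImportHTTPVar('submit', '', array(...))` call in ReadState() passes an empty string as the second argument, where the other call sites visible in this diff pass an integer `VAR_*` bitmask such as `VAR_LETTER | VAR_USCORE`. If ImportHTTPVar() applies bitwise tests to that argument, a string operand behaves differently across PHP versions, so an integer value is the safer choice. The comment `// Catch #218` also does not say what is being caught; something like `// Issue #218: alert-action submits must not push a history entry.` would match what the new ReadState tests assert. ReadState() starts outside the hunk.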
@@ -6,6 +6,7 @@ /** * Code Coverage Directives. * @covers ::BCS + * @covers ::BuildIPFormVar * @covers ::ChkArchive * @covers ::ChkCookie * @covers ::ChkGet @@ -23,8 +24,12 @@ * @uses ::HtmlColor * @uses ::LibIncError * @uses ::LoadedString + * @uses ::SetConst * @uses ::XSSPrintSafe * @uses ::VS2SV + * @uses ::is_ip + * @uses ::is_ip4 + * @uses ::is_ip6 * @uses ::returnErrorMessage */ 
@@ -929,6 +934,114 @@ public function testBCSClear(){ $this->assertRegExp('/' . $EOM . '/', $elOutput, $UOV); } } + public function testBuildIPFormVarDefault(){ + $URV = self::$URV.'BuildIPFormVar().'; + $this->assertEquals('', BuildIPFormVar(), $URV ); + } + public function testBuildIPFormVarInvalid(){ + $URV = self::$URV.'BuildIPFormVar().'; + $ip = NULL_IP; + $EOM = '&ip_addr%5B0%5D%5B0%5D=+&ip_addr%5B0%5D%5B1%5D=ip_dst' + . '&ip_addr%5B0%5D%5B2%5D=%3D' + . '&ip_addr%5B0%5D%5B3%5D=' . urlencode($ip) + . '&ip_addr%5B0%5D%5B8%5D=+&ip_addr%5B0%5D%5B9%5D=+'; + $this->assertEquals($EOM, BuildIPFormVar($ip, 0, -1), $URV ); + } + public function testBuildIPFormVarNULL_IP(){ + $URV = self::$URV.'BuildIPFormVar().'; + $ip = NULL_IP; + $EOM = '&ip_addr%5B0%5D%5B0%5D=+&ip_addr%5B0%5D%5B1%5D=ip_dst' + . '&ip_addr%5B0%5D%5B2%5D=%3D' + . '&ip_addr%5B0%5D%5B3%5D=' . urlencode($ip) + . '&ip_addr%5B0%5D%5B8%5D=+&ip_addr%5B0%5D%5B9%5D=+'; + $this->assertEquals($EOM, BuildIPFormVar($ip), $URV ); + } + public function testBuildIPFormVarNULL_IPSrc(){ + $URV = self::$URV.'BuildIPFormVar().'; + $ip = NULL_IP; + $EOM = '&ip_addr%5B0%5D%5B0%5D=+&ip_addr%5B0%5D%5B1%5D=ip_src' + . '&ip_addr%5B0%5D%5B2%5D=%3D' + . '&ip_addr%5B0%5D%5B3%5D=' . urlencode($ip) + . '&ip_addr%5B0%5D%5B8%5D=+&ip_addr%5B0%5D%5B9%5D=+'; + $this->assertEquals($EOM, BuildIPFormVar($ip, 1), $URV ); + } + public function testBuildIPFormVarNULL_IPBoth(){ + $URV = self::$URV.'BuildIPFormVar().'; + $ip = NULL_IP; + $EOM = '&ip_addr%5B0%5D%5B0%5D=+&ip_addr%5B0%5D%5B1%5D=ip_src' + . '&ip_addr%5B0%5D%5B2%5D=%3D' + . '&ip_addr%5B0%5D%5B3%5D=' . urlencode($ip) + . '&ip_addr%5B0%5D%5B8%5D=+&ip_addr%5B0%5D%5B9%5D=OR' + . '&ip_addr%5B1%5D%5B0%5D=+&ip_addr%5B1%5D%5B1%5D=ip_dst' + . '&ip_addr%5B1%5D%5B2%5D=%3D' + . '&ip_addr%5B1%5D%5B3%5D=' . urlencode($ip) + . 
'&ip_addr%5B1%5D%5B8%5D=+&ip_addr%5B1%5D%5B9%5D=+'; + $this->assertEquals($EOM, BuildIPFormVar($ip, 3), $URV ); + } + + public function testBuildIPFormVarIPv4(){ + $URV = self::$URV.'BuildIPFormVar().'; + $ip = '1.1.1.1'; + $EOM = '&ip_addr%5B0%5D%5B0%5D=+&ip_addr%5B0%5D%5B1%5D=ip_dst' + . '&ip_addr%5B0%5D%5B2%5D=%3D' + . '&ip_addr%5B0%5D%5B3%5D=' . urlencode($ip) + . '&ip_addr%5B0%5D%5B8%5D=+&ip_addr%5B0%5D%5B9%5D=+'; + $this->assertEquals($EOM, BuildIPFormVar($ip), $URV ); + } + public function testBuildIPFormVarIPv4Src(){ + $URV = self::$URV.'BuildIPFormVar().'; + $ip = '1.1.1.1'; + $EOM = '&ip_addr%5B0%5D%5B0%5D=+&ip_addr%5B0%5D%5B1%5D=ip_src' + . '&ip_addr%5B0%5D%5B2%5D=%3D' + . '&ip_addr%5B0%5D%5B3%5D=' . urlencode($ip) + . '&ip_addr%5B0%5D%5B8%5D=+&ip_addr%5B0%5D%5B9%5D=+'; + $this->assertEquals($EOM, BuildIPFormVar($ip, 1), $URV ); + } + public function testBuildIPFormVarIPv4Both(){ + $URV = self::$URV.'BuildIPFormVar().'; + $ip = '1.1.1.1'; + $EOM = '&ip_addr%5B0%5D%5B0%5D=+&ip_addr%5B0%5D%5B1%5D=ip_src' + . '&ip_addr%5B0%5D%5B2%5D=%3D' + . '&ip_addr%5B0%5D%5B3%5D=' . urlencode($ip) + . '&ip_addr%5B0%5D%5B8%5D=+&ip_addr%5B0%5D%5B9%5D=OR' + . '&ip_addr%5B1%5D%5B0%5D=+&ip_addr%5B1%5D%5B1%5D=ip_dst' + . '&ip_addr%5B1%5D%5B2%5D=%3D' + . '&ip_addr%5B1%5D%5B3%5D=' . urlencode($ip) + . '&ip_addr%5B1%5D%5B8%5D=+&ip_addr%5B1%5D%5B9%5D=+'; + $this->assertEquals($EOM, BuildIPFormVar($ip, 3), $URV ); + } + + public function testBuildIPFormVarIPv6(){ + $URV = self::$URV.'BuildIPFormVar().'; + $ip = 'ff06::c3'; + $EOM = '&ip_addr%5B0%5D%5B0%5D=+&ip_addr%5B0%5D%5B1%5D=ip_dst' + . '&ip_addr%5B0%5D%5B2%5D=%3D' + . '&ip_addr%5B0%5D%5B3%5D=' . urlencode($ip) + . '&ip_addr%5B0%5D%5B8%5D=+&ip_addr%5B0%5D%5B9%5D=+'; + $this->assertEquals($EOM, BuildIPFormVar($ip), $URV ); + } + public function testBuildIPFormVarIPv6Src(){ + $URV = self::$URV.'BuildIPFormVar().'; + $ip = 'ff06::c3'; + $EOM = '&ip_addr%5B0%5D%5B0%5D=+&ip_addr%5B0%5D%5B1%5D=ip_src' + . 
'&ip_addr%5B0%5D%5B2%5D=%3D' + . '&ip_addr%5B0%5D%5B3%5D=' . urlencode($ip) + . '&ip_addr%5B0%5D%5B8%5D=+&ip_addr%5B0%5D%5B9%5D=+'; + $this->assertEquals($EOM, BuildIPFormVar($ip, 1), $URV ); + } + public function testBuildIPFormVarIPv6Both(){ + $URV = self::$URV.'BuildIPFormVar().'; + $ip = 'ff06::c3'; + $EOM = '&ip_addr%5B0%5D%5B0%5D=+&ip_addr%5B0%5D%5B1%5D=ip_src' + . '&ip_addr%5B0%5D%5B2%5D=%3D' + . '&ip_addr%5B0%5D%5B3%5D=' . urlencode($ip) + . '&ip_addr%5B0%5D%5B8%5D=+&ip_addr%5B0%5D%5B9%5D=OR' + . '&ip_addr%5B1%5D%5B0%5D=+&ip_addr%5B1%5D%5B1%5D=ip_dst' + . '&ip_addr%5B1%5D%5B2%5D=%3D' + . '&ip_addr%5B1%5D%5B3%5D=' . urlencode($ip) + . '&ip_addr%5B1%5D%5B8%5D=+&ip_addr%5B1%5D%5B9%5D=+'; + $this->assertEquals($EOM, BuildIPFormVar($ip, 3), $URV ); + } // Add code to a function if needed. // Stop here and mark test incomplete. diff --git a/tests/php/base_qry_commonspTest.php b/tests/php/base_qry_commonspTest.php index f662370..8825ad7 100644 --- a/tests/php/base_qry_commonspTest.php +++ b/tests/php/base_qry_commonspTest.php @@ -105,9 +105,7 @@ public static function setUpBeforeClass() { ); } self::assertInstanceOf( - 'baseCon', - $db, - 'DB Object Not Initialized.' + 'baseCon', $db, 'DB Object Not Initialized.' ); self::$db = $db; } diff --git a/tests/php/iauth_AuthorizedxTest.php b/tests/php/iauth_AuthorizedxTest.php index d3de35e..749f9a2 100644 --- a/tests/php/iauth_AuthorizedxTest.php +++ b/tests/php/iauth_AuthorizedxTest.php @@ -26,6 +26,7 @@ * @uses ::ipconvert * @uses ::is_ip4 * @uses ::is_ip6 + * @uses ::is_ip * @uses ::is_key * @uses ::netmask * @uses BaseUser @@ -330,7 +331,7 @@ public function testAuthorizedClientIPv4InvalidNetmask(){ public function testAuthorizedClientIPv6Fail(){ GLOBAL $AllowedClients; $URV = self::$URV . 'AuthorizedClient().'; - if( defined('GMP_VERSION') ){ + if( IPv6i() ){ // Can RTL Do IPv6 on this install. $osv = $_SERVER; $oAC = $AllowedClients; $_SERVER['REMOTE_ADDR'] = '1000::1'; 
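Review bot: None of the added BuildIPFormVar tests passes an address that is_ip() should reject. `testBuildIPFormVarInvalid` uses `NULL_IP` with out-of-range `$type` and `$idx`, and only the empty default is checked for the empty-string return. Since the function is documented to return an empty string on an invalid IP, I would add a case such as `$this->assertEquals('', BuildIPFormVar('256.256.256.256'), $URV);` and rename the existing test to say it covers invalid type and index. The `$idx = 1` path is not exercised either.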
@@ -345,7 +346,7 @@ public function testAuthorizedClientIPv6Fail(){ public function testAuthorizedClientIPv6Pass(){ GLOBAL $AllowedClients; $URV = self::$URV . 'AuthorizedClient().'; - if( defined('GMP_VERSION') ){ + if( IPv6i() ){ // Can RTL Do IPv6 on this install. $osv = $_SERVER; $oAC = $AllowedClients; $_SERVER['REMOTE_ADDR'] = '::1'; diff --git a/tests/php/idbTest.php b/tests/php/idbTest.php index 48d143a..c8a88dc 100644 --- a/tests/php/idbTest.php +++ b/tests/php/idbTest.php @@ -28,12 +28,12 @@ class dbTest extends TestCase { // Pre Test Setup. - protected static $db; protected static $DBlib_path; - protected static $dbt; protected static $PHPUV; protected static $UOV; protected static $URV; + protected static $db; + protected static $dbt; protected static $tc; // Share class instance as common test fixture. @@ -90,9 +90,7 @@ public static function setUpBeforeClass() { ); } self::assertInstanceOf( - 'baseCon', - $db, - 'DB Object Not Initialized.' + 'baseCon', $db, 'DB Object Not Initialized.' ); self::$DBlib_path = $DBlib_path; self::$db = $db; diff --git a/tests/php/idbspTest.php b/tests/php/idbspTest.php index 84ab13f..3318422 100644 --- a/tests/php/idbspTest.php +++ b/tests/php/idbspTest.php @@ -79,9 +79,7 @@ public static function setUpBeforeClass() { ); } self::assertInstanceOf( - 'baseCon', - $db, - 'DB Object Not Initialized.' + 'baseCon', $db, 'DB Object Not Initialized.' ); self::$DBlib_path = $DBlib_path; self::$db = $db; diff --git a/tests/php/inetspTest.php b/tests/php/inetspTest.php index e33e575..96f9bad 100644 --- a/tests/php/inetspTest.php +++ b/tests/php/inetspTest.php @@ -15,6 +15,9 @@ class netSPTest extends TestCase { // Pre Test Setup. + protected static $PHPUV; + protected static $UOV; + protected static $URV; protected static $db; // Share class instance as common test fixture. 
@@ -77,90 +80,78 @@ public static function setUpBeforeClass() { ); } self::assertInstanceOf( - 'baseCon', - $db, - 'DB Object Not Initialized.' + 'baseCon', $db, 'DB Object Not Initialized.' ); self::$db = $db; } + $PHPUV = GetPHPUV(); // PHPUnit Version + if (version_compare($PHPUV, '9.0', '<')){ // PHPUnit < 9x + self::$PHPUV = 1; + }else{ // PHPUnit 9+ + self::$PHPUV = 2; + } } public static function tearDownAfterClass() { + self::$PHPUV = null; + self::$UOV = null; + self::$URV = null; self::$db = null; } // Tests go here. - public function testbaseGetHostByAddrNoIpThrowsError() { - $db = self::$db; - // Remove once we TD migrate this. - define('_ERRRESOLVEADDRESS','Unable to resolve address'); - $EEM = "BASE baseGetHostByAddr() Invalid Parameter(s) \$ipaddr."; - $PHPUV = GetPHPUV(); - if (version_compare($PHPUV, '3.0', '<')) { - $this->markTestSkipped('Requires Phpunit 3+ to run.'); - }elseif (version_compare($PHPUV, '5.0', '<')) { // PHPUnit 3x - 4x - $this->setExpectedException( - "PHPUnit_Framework_Error_Notice", $EEM - ); - }elseif (version_compare($PHPUV, '6.0', '<')) { // PHPUnit 5x - $this->expectException("PHPUnit_Framework_Error_Notice"); - $this->expectExceptionMessage($EEM); - }elseif (version_compare($PHPUV, '9.0', '<')) { // PHPUnit 6x - 8x - $this->expectException("PHPUnit\Framework\Error\Notice"); - $this->expectExceptionMessage($EEM); - }else{ // PHPUnit 9+ - $this->expectNotice(); - $this->expectNoticeMessage($EEM); - } - baseGetHostByAddr('',$db,-10); - } public function testbaseGetHostByAddrNoIpReturnsExpected() { + $PHPUV = self::$PHPUV; + $UOV = self::$UOV . 'baseGetHostByAddr().'; + $URV = self::$URV . 'baseGetHostByAddr().'; $db = self::$db; // Remove once we TD migrate this. define('_ERRRESOLVEADDRESS','Unable to resolve address'); - // Test conditions will throw error. - // Use error suppression @ symbol. 
+ $EOM = 'baseGetHostByAddr: Invalid Parameter \$ipaddr.'; + $cur_e_l = ini_get( 'error_log' ); // Shim error_log output On + $capture = tmpfile(); + $tmp = stream_get_meta_data($capture); + ini_set('error_log', $tmp['uri']); $this->assertEquals( - ""._ERRRESOLVEADDRESS."", - @baseGetHostByAddr('',$db,-10), - 'Unexpected return baseGetHostByAddr().' + '' . _ERRRESOLVEADDRESS . '', + baseGetHostByAddr('', $db, -10), $URV ); - } - public function testbaseGetHostByAddrInvalidIpThrowsError() { - $db = self::$db; - // Remove once we TD migrate this. - define('_ERRRESOLVEADDRESS','Unable to resolve address'); - $EEM = "BASE baseGetHostByAddr() Invalid Parameter(s) \$ipaddr."; - $PHPUV = GetPHPUV(); - if (version_compare($PHPUV, '3.0', '<')) { - $this->markTestSkipped('Requires Phpunit 3+ to run.'); - }elseif (version_compare($PHPUV, '5.0', '<')) { // PHPUnit 3x - 4x - $this->setExpectedException( - "PHPUnit_Framework_Error_Notice", $EEM + ini_set( 'error_log', $cur_e_l ); // Shim error_log output Off + $elOutput = stream_get_contents($capture); + if ( $PHPUV > 1 ){ // PHPUnit 9+ + $this->assertMatchesRegularExpression( + '/'.$EOM.'$/', $elOutput, $UOV ); - }elseif (version_compare($PHPUV, '6.0', '<')) { // PHPUnit 5x - $this->expectException("PHPUnit_Framework_Error_Notice"); - $this->expectExceptionMessage($EEM); - }elseif (version_compare($PHPUV, '9.0', '<')) { // PHPUnit 6x - 8x - $this->expectException("PHPUnit\Framework\Error\Notice"); - $this->expectExceptionMessage($EEM); - }else{ // PHPUnit 9+ - $this->expectNotice(); - $this->expectNoticeMessage($EEM); + }else{ // Legacy PHPUnit + $this->assertRegExp('/'.$EOM.'$/', $elOutput, $UOV); } - baseGetHostByAddr('github.com',$db,-10); } + public function testbaseGetHostByAddrInvalidIpReturnsExpected() { + $PHPUV = self::$PHPUV; + $UOV = self::$UOV . 'baseGetHostByAddr().'; + $URV = self::$URV . 'baseGetHostByAddr().'; $db = self::$db; // Remove once we TD migrate this. 
define('_ERRRESOLVEADDRESS','Unable to resolve address'); - // Test conditions will throw error. - // Use error suppression @ symbol. + $EOM = 'baseGetHostByAddr: Invalid Parameter \$ipaddr.'; + $cur_e_l = ini_get( 'error_log' ); // Shim error_log output On + $capture = tmpfile(); + $tmp = stream_get_meta_data($capture); + ini_set('error_log', $tmp['uri']); $this->assertEquals( - 'github.com', - @baseGetHostByAddr('github.com',$db,-10), - 'Unexpected return baseGetHostByAddr().' + 'github.com', baseGetHostByAddr('github.com', $db, -10), $URV ); + ini_set( 'error_log', $cur_e_l ); // Shim error_log output Off + $elOutput = stream_get_contents($capture); + if ( $PHPUV > 1 ){ // PHPUnit 9+ + $this->assertMatchesRegularExpression( + '/'.$EOM.'$/', $elOutput, $UOV + ); + }else{ // Legacy PHPUnit + $this->assertRegExp('/'.$EOM.'$/', $elOutput, $UOV); + } } + public function testbaseGetHostByAddrValidIpCacheMiss() { $db = self::$db; // Remove once we TD migrate this. 
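Review bot: The rewritten tests redirect `error_log` with `ini_set()` and restore it only after `assertEquals()`, so a failing assertion leaves the log pointed at the temp file for every later test. Restoring the setting in a `finally` block or in tearDown() keeps the redirection contained. `self::$UOV` and `self::$URV` are read in each test, but the visible part of setUpBeforeClass() only assigns `self::$PHPUV`, so failure messages would lack their prefix unless those are set outside this hunk. The same capture pattern repeats in the `@@ -301,13 +262,24 @@` hunk.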
@@ -257,41 +248,11 @@ public function testbaseGetHostByAddrValidIpCacheHitReturnsFQDN() { 'Unexpected return baseGetHostByAddr().' ); } - public function testbaseGetHostByAddrValidIpOverflowFQDNThrowsError() { - $db = self::$db; - if ($db->DB_type == 'postgres' ){ - // Doesn't apply to postgresql, so Pass. - $this->assertTrue(true,'Passing Test.'); - }else{ - // Remove once we TD migrate this. - define('_ERRRESOLVEADDRESS','Unable to resolve address'); - $EEM = "BASE baseGetHostByAddr() DB Field Overflow, FQDN for "; - $EEM .= "3.24.117.66 concatenated to "; - $EEM .= "2-3-24-117-66.ap-southeast-2.compute.amazonaws.com. "; - $EEM .= "See: https://github.com/NathanGibbs3/BASE/issues/58"; - $PHPUV = GetPHPUV(); - if (version_compare($PHPUV, '3.0', '<')) { - $this->markTestSkipped('Requires Phpunit 3+ to run.'); - }elseif (version_compare($PHPUV, '5.0', '<')) { // PHPUnit 3x - 4x - $this->setExpectedException( - "PHPUnit_Framework_Error_Notice", $EEM - ); - }elseif (version_compare($PHPUV, '6.0', '<')) { // PHPUnit 5x - $this->expectException("PHPUnit_Framework_Error_Notice"); - $this->expectExceptionMessage($EEM); - }elseif (version_compare($PHPUV, '9.0', '<')) { // PHPUnit 6x - 8x - $this->expectException("PHPUnit\Framework\Error\Notice"); - $this->expectExceptionMessage($EEM); - }else{ // PHPUnit 9+ - $this->expectNotice(); - $this->expectNoticeMessage($EEM); - } - $tip = '3.24.117.66'; - $thn = '2-3-24-117-66.ap-southeast-2.compute.amazonaws.com'; - baseGetHostByAddr($tip,$db,10); - } - } + public function testbaseGetHostByAddrValidIpOverflowFQDNReturnsExpected() { + $PHPUV = self::$PHPUV; + $UOV = self::$UOV . 'baseGetHostByAddr().'; + $URV = self::$URV . 'baseGetHostByAddr().'; $db = self::$db; if ($db->DB_type == 'postgres' ){ // Doesn't apply to postgresql, so Pass. 
@@ -301,13 +262,24 @@ public function testbaseGetHostByAddrValidIpOverflowFQDNReturnsExpected() { define('_ERRRESOLVEADDRESS','Unable to resolve address'); $tip = '3.24.117.66'; $thn = '2-3-24-117-66.ap-southeast-2.compute.amazonaws.com'; - // Test conditions will throw error. - // Use error suppression @ symbol. - $this->assertEquals( - $thn, - @baseGetHostByAddr($tip,$db,10), - 'Unexpected return baseGetHostByAddr().' - ); + $EOM = 'baseGetHostByAddr: Warning: Issue #58 DB Field Overflow, ' + . 'FQDN for 3.24.117.66 concatenated to ' + . '2-3-24-117-66.ap-southeast-2.compute.amazonaws.com. ' + . 'See: https:\/\/github.com\/NathanGibbs3\/BASE\/issues\/58'; + $cur_e_l = ini_get( 'error_log' ); // Shim error_log output On + $capture = tmpfile(); + $tmp = stream_get_meta_data($capture); + ini_set('error_log', $tmp['uri']); + $this->assertEquals($thn, baseGetHostByAddr($tip,$db,10), $URV); + ini_set( 'error_log', $cur_e_l ); // Shim error_log output Off + $elOutput = stream_get_contents($capture); + if ( $PHPUV > 1 ){ // PHPUnit 9+ + $this->assertMatchesRegularExpression( + '/' . $EOM . '$/', $elOutput, $UOV + ); + }else{ // Legacy PHPUnit + $this->assertRegExp('/' . $EOM . '$/', $elOutput, $UOV); + } } } diff --git a/tests/php/irtlTest.php b/tests/php/irtlTest.php index 4d1e4c0..043b02c 100644 --- a/tests/php/irtlTest.php +++ b/tests/php/irtlTest.php @@ -30,6 +30,7 @@ class base_rtlTest extends TestCase { protected static $TA; protected static $NMHCv4; protected static $NMHCv6; + protected static $TAIPInvalid; protected static $TAIPv4; protected static $TAIPv4cR; protected static $TAIPv6; @@ -61,6 +62,9 @@ public static function setUpBeforeClass(){ 'test' => 'string', 'array' => array () ); + self::$TAIPInvalid = array ( + '256.256.256.256', '::ffff:256.256.256.256' + ); self::$TAIPv4 = array ( '192.168.000.001', '192.168.0.1', '192.168.129.1', '192.168.128.1', 
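Review bot: `self::$TAIPInvalid` holds only two out-of-range-octet cases, yet in this commit is_ip() gates BuildIPFormVar() and is_ip4() gates IPAddressCriteria::Import(). Adding entries with a netmask suffix, surrounding whitespace and a trailing newline would pin down whether the validators are anchored. That matters because the accepted value is later split with strtok() and written into query strings. The test names `testis_ipv4Invalid` and `testis_ipv6Invalid` in the later hunks of this file also break the `testis_ip4*` / `testis_ip6*` naming used beside them.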
@@ -79,6 +83,7 @@ public static function setUpBeforeClass(){ 'ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff', '1050:0000:0000:0000:0005:0600:300c:326b', '1050:0:0:0:5:600:300c:326b', + '1050::5:600:300c:326b', 'ff06:0:0:0:0:0:0:c3', 'ff06::c3', '0:0:0:0:0:ffff:192.001.56.10', @@ -96,6 +101,8 @@ public static function setUpBeforeClass(){ => '21683031681241440176744766643582546539', '1050:0:0:0:5:600:300c:326b' => '21683031681241440176744766643582546539', + '1050::5:600:300c:326b' + => '21683031681241440176744766643582546539', 'ff06:0:0:0:0:0:0:c3' => '338984292706304756556241983349463187651', 'ff06::c3' => '338984292706304756556241983349463187651', '0:0:0:0:0:ffff:192.001.56.10' => '281473903048714', @@ -290,6 +297,7 @@ public static function tearDownAfterClass(){ self::$TA = null; self::$NMHCv4 = null; self::$NMHCv6 = null; + self::$TAIPInvalid = null; self::$TAIPv4 = null; self::$TAIPv4cR = null; self::$TAIPv6 = null; @@ -679,6 +687,13 @@ public function testis_ipEmpty(){ $URV = self::$URV.'is_ip().'; $this->assertFalse(is_ip(), $URV); } + public function testis_ipInvalid(){ + $URV = self::$URV.'is_ip().'; + $TAIP = self::$TAIPInvalid; + foreach( $TAIP as $IP ){ + $this->assertFalse(is_ip($IP), $URV); + } + } public function testis_ipFilled(){ $URV = self::$URV.'is_ip().'; $TAv4 = self::$TAIPv4; @@ -694,6 +709,13 @@ public function testis_ip4Empty(){ $URV = self::$URV.'is_ip4().'; $this->assertFalse(is_ip4(), $URV); } + public function testis_ipv4Invalid(){ + $URV = self::$URV.'is_ip4().'; + $TAIP = self::$TAIPInvalid; + foreach( $TAIP as $IP ){ + $this->assertFalse(is_ip4($IP), $URV); + } + } public function testis_ip4Filled(){ $URV = self::$URV.'is_ip4().'; $TAv4 = self::$TAIPv4; 
@@ -706,9 +728,16 @@ public function testis_ip4Filled(){ } } public function testis_ip6Empty(){ - $URV = self::$URV.'is_ip().'; + $URV = self::$URV.'is_ip6().'; $this->assertFalse(is_ip6(), $URV); } + public function testis_ipv6Invalid(){ + $URV = self::$URV.'is_ip6().'; + $TAIP = self::$TAIPInvalid; + foreach( $TAIP as $IP ){ + $this->assertFalse(is_ip6($IP), $URV); + } + } public function testis_ip6Filled(){ $URV = self::$URV.'is_ip6().'; $TAv4 = self::$TAIPv4; @@ -749,6 +778,13 @@ public function testipconvertEmpty(){ $URV = self::$URV.'ipconvert().'; $this->assertEQuals(0, ipconvert(), $URV); } + public function testipconvertInvalid(){ + $URV = self::$URV.'ipconvert().'; + $TAIP = self::$TAIPInvalid; + foreach( $TAIP as $IP ){ + $this->assertEQuals(0, ipconvert($IP), $URV); + } + } public function testipconvertIPv4(){ $URV = self::$URV.'ipconvert().'; $TAv4 = self::$TAIPv4; @@ -761,7 +797,7 @@ public function testipconvertIPv6(){ $URV = self::$URV.'ipconvert().'; $TAv6 = self::$TAIPv6; $TAv6R = self::$TAIPv6cR; - if( defined('GMP_VERSION') ){ + if( IPv6i() ){ // Can RTL do IPv6 on this install? foreach( $TAv6 as $IP ){ $this->assertEQuals($TAv6R[$IP], ipconvert($IP), $URV); } @@ -786,7 +822,7 @@ public function testipdeconvertIPv6(){ $URV = self::$URV.'ipdeconvert().'; $TAv6 = self::$TAIPv6; $TAv6R = self::$TAIPv6dR; - if( defined('GMP_VERSION') ){ + if( IPv6i() ){ // Can RTL do IPv6 on this install? foreach( $TAv6R as $key => $IP ){ $this->assertEQuals($IP, ipdeconvert($key), $URV); } @@ -812,7 +848,7 @@ public function testNMHCIpv4(){ public function testNMHCIpv6(){ $URV = self::$URV.'NMHC().'; $NMHC = self::$NMHCv6; - if( defined('GMP_VERSION') ){ + if( IPv6i() ){ // Can RTL do IPv6 on this install? for( $tmp = 0 ; $tmp != 129 ; $tmp++ ){ $this->assertEQuals($NMHC[$tmp], NMHC($tmp, true), $URV); } diff --git a/tests/php/istate_criteriaspTest.php b/tests/php/istate_criteriaspTest.php index 6a86cca..5473714 100644 --- a/tests/php/istate_criteriaspTest.php 
+++ b/tests/php/istate_criteriaspTest.php @@ -1,7 +1,7 @@ 1) { + LogTC($tf,'DB',"$alert_dbname@$alert_host:$alert_port"); + } + $db->baseDBConnect( + $db_connect_method, $alert_dbname, $alert_host, + $alert_port, $alert_user, $alert_password + ); + } + self::assertInstanceOf( + 'baseCon', $db, 'DB Object Not Initialized.' + ); + self::$db = $db; + } self::$omh = $maintain_history; + self::$opv = $_POST; self::$osv = $_SERVER; $maintain_history = 1; + unset($_SERVER['QUERY_STRING']); $_SESSION = NULL; // Initialize the history. InitArray($_SESSION['back_list'], 1, 3, ''); $_SESSION['back_list_cnt'] = 0; PushHistory(); // Load History $_SERVER['QUERY_STRING'] = '&front=1'; PushHistory(); + unset($_SERVER['QUERY_STRING']); self::$URV = 'Unexpected Return Value: '; + self::$HTT['sig_type'] = ''; + self::$HTT['sig_class'] = ''; + self::$HTT['ag'] = ''; + self::$HTT['sensor'] = ''; + self::$HTT['time'] = null; + self::$HTT['time_cnt'] = 0; + self::$HTT['ip_addr'] = null; + self::$HTT['ip_addr_cnt'] = 0; + self::$HTT['layer4'] = ''; + self::$HTT['ip_field'] = null; + self::$HTT['ip_field_cnt'] = 0; + self::$HTT['tcp_port'] = null; + self::$HTT['tcp_port_cnt'] = 0; + self::$HTT['tcp_field'] = null; + self::$HTT['tcp_field_cnt'] = 0; + self::$HTT['udp_port'] = null; + self::$HTT['udp_port_cnt'] = 0; + self::$HTT['udp_field'] = null; + self::$HTT['udp_field_cnt'] = 0; + self::$HTT['icmp_field'] = null; + self::$HTT['icmp_field_cnt'] = 0; + self::$HTT['rawip_field'] = null; + self::$HTT['rawip_field_cnt'] = 0; + self::$HTT['data'] = null; + self::$HTT['data_cnt'] = 0; + self::$HTT['data_encode'] = array ('', ''); } public static function tearDownAfterClass() { + GLOBAL $maintain_history; $maintain_history = self::$omh; + $_POST = self::$opv; $_SERVER = self::$osv; + self::$HTT = null; self::$UIL = null; self::$URV = null; + self::$db = null; self::$files = null; self::$langs = null; self::$omh = null; + self::$opv = null; self::$osv = null; self::$tc = null; } 
@@ -91,7 +181,6 @@ public function testClassCriteriaStateConstruct(){ $this->assertInstanceOf( // Create Criteria State Object. 'CriteriaState', $tc = new CriteriaState('Unit_Test'), $CNI ); - self::$tc = $tc; $TSC = array( // Test SubCriteria 'sig' => 'Signature', 'sig_class' => 'SignatureClassification', 
@@ -151,6 +240,162 @@ public function testPrintBackButtonOK() { ); } + public function testReadStateNotAcIt(){ + $URV = self::$URV.'ReadState().'; + $HTT = self::$HTT; + GLOBAL $UIL; + if ( is_object(self::$UIL) ){ + $UIL = self::$UIL; + }else{ + GLOBAL $BASE_installID; + include_once(self::$files); + } + $CNI = 'Class Not Initialized.'; + $this->assertInstanceOf( // Create Criteria State Object. + 'CriteriaState', $tc = new CriteriaState('Unit_Test'), $CNI + ); + $osession = $_SESSION; + $SCN = $_SERVER['SCRIPT_NAME']; + InitArray($HTP['back_list'], 1, 3, ''); + $HTP['back_list'][1]['SCRIPT_NAME'] = $SCN; + $HTP['back_list'][1]['QUERY_STRING'] = ''; + $HTP['back_list'][1]['session'] = ''; + $HTP['back_list'][2]['SCRIPT_NAME'] = $SCN; + $HTP['back_list'][2]['QUERY_STRING'] = '&front=1'; + $HTP['back_list'][2]['session'] = ''; + $HTP['back_list_cnt'] = 2; + // Test pre push stack. + $this->assertEquals(2, $_SESSION['back_list_cnt'], $URV); + $this->assertEquals($HTP, $_SESSION, $URV); + $HTP['back_list'][3]['SCRIPT_NAME'] = $SCN; + $HTP['back_list'][3]['QUERY_STRING'] = '&middle=earth'; + $HTP['back_list'][3]['session'] = 'sig_type|s:0:"";sig_class|s:0:"";' + . 'ag|s:0:"";sensor|s:0:"";time|N;time_cnt|i:0;ip_addr|N;' + . 'ip_addr_cnt|i:0;layer4|s:0:"";ip_field|N;ip_field_cnt|i:0;' + . 'tcp_port|N;tcp_port_cnt|i:0;tcp_field|N;tcp_field_cnt|i:0;' + . 'udp_port|N;udp_port_cnt|i:0;udp_field|N;udp_field_cnt|i:0;' + . 'icmp_field|N;icmp_field_cnt|i:0;rawip_field|N;rawip_field_cnt|i:0;' + . 'data|N;data_cnt|i:0;data_encode|a:2:{i:0;s:0:"";i:1;s:0:"";}'; + $HTP['back_list_cnt'] = 3; + $HTP = array_merge($HTP, $HTT); + $_SERVER['QUERY_STRING'] = '&middle=earth'; + $tc->ReadState(); // Test Push. 
+ $this->assertEquals(3, $_SESSION['back_list_cnt'], $URV); + $this->assertEquals($HTP, $_SESSION, $URV); + unset($_SERVER['QUERY_STRING']); + unset($_POST['caller']); + $_SESSION = $osession; + } + + public function testReadStateAcItSel(){ + $URV = self::$URV.'ReadState().'; + $HTT = self::$HTT; + GLOBAL $UIL; + if ( is_object(self::$UIL) ){ + $UIL = self::$UIL; + }else{ + GLOBAL $BASE_installID; + include_once(self::$files); + } + $CNI = 'Class Not Initialized.'; + $this->assertInstanceOf( // Create Criteria State Object. + 'CriteriaState', $tc = new CriteriaState('Unit_Test'), $CNI + ); + $osession = $_SESSION; + $SCN = $_SERVER['SCRIPT_NAME']; + InitArray($HTP['back_list'], 1, 3, ''); + $HTP['back_list'][1]['SCRIPT_NAME'] = $SCN; + $HTP['back_list'][1]['QUERY_STRING'] = ''; + $HTP['back_list'][1]['session'] = ''; + $HTP['back_list'][2]['SCRIPT_NAME'] = $SCN; + $HTP['back_list'][2]['QUERY_STRING'] = '&front=1'; + $HTP['back_list'][2]['session'] = ''; + $HTP['back_list_cnt'] = 2; + // Test pre push stack. + $this->assertEquals(2, $_SESSION['back_list_cnt'], $URV); + $this->assertEquals($HTP, $_SESSION, $URV); + $_POST['submit'] = _SELECTED; + $tc->ReadState(); // Test Push. + $HTP = array_merge($HTP, $HTT); + $this->assertEquals(2, $_SESSION['back_list_cnt'], $URV); + $this->assertEquals($HTP, $_SESSION, $URV); + unset($_SERVER['QUERY_STRING']); + unset($_POST['submit']); + $_SESSION = $osession; + } + public function testReadStateAcItScreen(){ + $URV = self::$URV.'ReadState().'; + $HTT = self::$HTT; + GLOBAL $UIL; + if ( is_object(self::$UIL) ){ + $UIL = self::$UIL; + }else{ + GLOBAL $BASE_installID; + include_once(self::$files); + } + $CNI = 'Class Not Initialized.'; + $this->assertInstanceOf( // Create Criteria State Object. 
+ 'CriteriaState', $tc = new CriteriaState('Unit_Test'), $CNI + ); + $osession = $_SESSION; + $SCN = $_SERVER['SCRIPT_NAME']; + InitArray($HTP['back_list'], 1, 3, ''); + $HTP['back_list'][1]['SCRIPT_NAME'] = $SCN; + $HTP['back_list'][1]['QUERY_STRING'] = ''; + $HTP['back_list'][1]['session'] = ''; + $HTP['back_list'][2]['SCRIPT_NAME'] = $SCN; + $HTP['back_list'][2]['QUERY_STRING'] = '&front=1'; + $HTP['back_list'][2]['session'] = ''; + $HTP['back_list_cnt'] = 2; + // Test pre push stack. + $this->assertEquals(2, $_SESSION['back_list_cnt'], $URV); + $this->assertEquals($HTP, $_SESSION, $URV); + $_POST['submit'] = _ALLONSCREEN; + $tc->ReadState(); // Test Push. + $HTP = array_merge($HTP, $HTT); + $this->assertEquals(2, $_SESSION['back_list_cnt'], $URV); + $this->assertEquals($HTP, $_SESSION, $URV); + unset($_SERVER['QUERY_STRING']); + unset($_POST['submit']); + $_SESSION = $osession; + } + public function testReadStateAcItQry(){ + $URV = self::$URV.'ReadState().'; + $HTT = self::$HTT; + GLOBAL $UIL; + if ( is_object(self::$UIL) ){ + $UIL = self::$UIL; + }else{ + GLOBAL $BASE_installID; + include_once(self::$files); + } + $CNI = 'Class Not Initialized.'; + $this->assertInstanceOf( // Create Criteria State Object. + 'CriteriaState', $tc = new CriteriaState('Unit_Test'), $CNI + ); + $osession = $_SESSION; + $SCN = $_SERVER['SCRIPT_NAME']; + InitArray($HTP['back_list'], 1, 3, ''); + $HTP['back_list'][1]['SCRIPT_NAME'] = $SCN; + $HTP['back_list'][1]['QUERY_STRING'] = ''; + $HTP['back_list'][1]['session'] = ''; + $HTP['back_list'][2]['SCRIPT_NAME'] = $SCN; + $HTP['back_list'][2]['QUERY_STRING'] = '&front=1'; + $HTP['back_list'][2]['session'] = ''; + $HTP['back_list_cnt'] = 2; + // Test pre push stack. + $this->assertEquals(2, $_SESSION['back_list_cnt'], $URV); + $this->assertEquals($HTP, $_SESSION, $URV); + $_POST['submit'] = _ENTIREQUERY; + $tc->ReadState(); // Test Push. 
+ $HTP = array_merge($HTP, $HTT); + $this->assertEquals(2, $_SESSION['back_list_cnt'], $URV); + $this->assertEquals($HTP, $_SESSION, $URV); + unset($_SERVER['QUERY_STRING']); + unset($_POST['submit']); + $_SESSION = $osession; + } + // Add code to a function if needed. // Stop here and mark test incomplete. //$this->markTestIncomplete('Incomplete Test.');
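Review bot: The four new ReadState tests restore `$_SESSION` and unset `$_POST['submit']` / `$_SERVER['QUERY_STRING']` only on the last lines of each method, so a failed assertion leaves the superglobals modified for every test that runs afterwards. A leftover `$_POST['submit']` matters because these same tests show ReadState() not pushing history when it is set (the count stays at 2), so one failure could mask or cause failures in unrelated tests. Wrapping the body in `try`/`finally` keeps each test isolated; if the supported PHP versions lack `finally`, moving the restore into `tearDown()` does the same. Separately, `testReadStateNotAcIt` unsets `$_POST['caller']`, which it never sets and which looks like a copy-paste slip, and the three action-op tests differ only in the constant, so a single data-provider test would cover them.

```php
    public function testReadStateAcItSel(){
        // … unchanged: $UIL setup, CriteriaState construction, $HTP expectations …
        $osession = $_SESSION;
        try {
            // … unchanged: pre-push assertions …
            $_POST['submit'] = _SELECTED;
            $tc->ReadState(); // Test Push.
            // … unchanged: array_merge and the two post-call assertions …
        } finally {
            // Always undo superglobal changes, even when an assertion fails.
            unset($_SERVER['QUERY_STRING'], $_POST['submit']);
            $_SESSION = $osession;
        }
    }
```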