Location: PHPKode > projects > Cancerbero - The watchdog of the ports > cancerbero-0.6/site/config.php
<?php


include_once('include/class_history_links.inc');
include_once("include/dbconnect.php");
include_once("include/functions.php");
include_once("menu.html");


$config = new ReadConfig;

$conf = "";
$conf = $_REQUEST["conf"];
//$conf = $conf.$_POST["conf"];

switch($conf)
{
	
case "general":

	# Save data
	$save = "";
	if (isset($_GET["save"])) $save = $_GET["save"];
	if (isset($_POST["save"])) $save .= $_POST["save"];

	if ( $save == "save" ) {
		$num_rows = trim($_GET['num_rows']);
		$num_links = trim($_GET['num_links']);
		if (isset($_GET['gui_debug'])){
			$gui_debug = (trim($_GET['gui_debug']) == 'on') ? 1 : -1;
		} else {
			$gui_debug = -1;
		}

		$check_alive = trim($_GET['check_alive']);
		$update = "UPDATE configuration SET check_alive = '$check_alive',gui_debug = '$gui_debug', num_rows = '$num_rows',num_links = '$num_links' WHERE database_ver = ". DATABASE_VER;
		mysql_query($update)  or die (mysql_error());
		

		echo "<div align='center' class='lowred'><h2>Default configuration updated</h2></div>";
	}

	if ( $save == "save_database" ) {

		$name_db = trim($_POST['name_db']);
		$user_db = trim($_POST['user_db']);
		$pass_db = trim($_POST['pass_db']);
		$retype_pass_db = trim($_POST['retype_pass_db']);
		$host_db = trim($_POST['host_db']);

		$status_connect = mysql_connect($host_db, $user_db, $pass_db);
		$status_select = mysql_select_db($name_db);

		if ($status_connect && $status_select) {
	
			if ($file = fopen( "/etc/cancerbero/cancerbero.cfg",  "w+")) { 
				fwrite($file,"#(AUTOGENERATED by cancerbero-gui) Be careful if you modify it.\n");
				fwrite($file,"#\n");
				fwrite($file,"# Configuration file of cancerbero. Edit to fit your needs.\n");
				fwrite($file,"#\n");
				fwrite($file,"\n");
				fwrite($file,"\$name_db = \"$name_db\";\n");
				fwrite($file,"\$user_db = \"$user_db\";\n");
				fwrite($file,"\$pass_db = \"$pass_db\";\n");
				fwrite($file,"\$host_db = \"$host_db\";\n");
				fwrite($file,"\n");
				fwrite($file,"\$nmap_bin=\"/usr/bin/nmap\";\n");
				fclose($file); // hemos terminado, cerramos el apuntador
			} 
		} else {
			echo "\n\n <h1>WARNING: Can't connect to the database with that values...we automatically keep the old ones.</h1>\n";
		}	 
	}

	$general = $config->General('gui_debug');

	if ($general['gui_debug'] == 1)  {
		echo "<div align='center' class='orange'><h2><blink>Debug mode activated</blink></h2></div>";
	} else {
		echo "<br>";
	}

	# Query db for the general config.
	
	$general = $config->General();
	$check_alive = $general['check_alive'];
	$num_rows = $general['num_rows'];
	$num_links = $general['num_links'];
	$gui_debug = $general['gui_debug'];

	#Form to input and update conf
	echo "
	<div class='row'><div align='center'>
	<table  class='cancerbero' border = 1>
		
		<div align='center'><h1>Change default configuration&nbsp;<img src='icons/help.png' onmouseover=\"return escape('General configuration of Cancerbero-GUI and access options to Cancerbero database.')\" border='0'>&nbsp;</h1></div>
		<p>&nbsp;
		<tr>
		<td>
		<form action='config.php' method='get' onsubmit='return checkform(this);'>
		<p><div align='left'><b>Interval to check if cancerbero engine is alive in segs ($check_alive): </b>
		<input class='input' onmouseover=\"return escape('This the time interval in segs. for checking if cancerbro sensors are alive. Default 30 segs.')\" type='text' name='check_alive' value='$check_alive' size='2'>&nbsp;
		<p><b>Configure number of lines in the tables ($num_rows):  </b>
		<input class='input' onmouseover=\"return escape('Number of rows in tables. Tables with more rows will be paginated.')\" type='text' name='num_rows' value='$num_rows' size='2'>&nbsp;
		<p><b>Configure number of pages in the bottom of the tables ($num_links):  </b>
		<input class='input' onmouseover=\"return escape('Number of pages that will be displayed in the bottom of the paginated pages.')\" type='text' name='num_links' value='$num_links' size='2'>&nbsp;
		";
		
		if ($gui_debug > 0) {
			echo "<p><b>Unckeck for deactivate debug mode  (ON): ";
			echo "<input class='input' onmouseover=\"return escape('Debug is ON. Verbose info will be displayed. <br> Not interesting excepting for debug purposes.')\" type='checkbox' checked name='gui_debug' >&nbsp;";
		} else {
			echo "<p><b>Check for activate debug mode  (OFF): ";
			echo "<input class='input' onmouseover=\"return escape('Debug is OFF. Normal info will be displayed. <br> This is the default mode.')\" type='checkbox' name='gui_debug' >&nbsp;";
		}
		echo "</div>
		<input type='hidden' name='conf' value='general'>
		<p><div align='center'><input class='lowred' type='submit' name='save' value='save'></div>
		</form>
		</td>
		";
		if ($file = fopen( "/etc/cancerbero/cancerbero.cfg",  "r")) { 
			while (!feof($file)) {
				$linea = fgets($file, 1024);
				if (!(stristr($linea,'<') || stristr($linea,'>'))) {
					eval ($linea);
				}
			}
			fclose($file); // hemos terminado, cerramos el apuntador
		} 

		echo "
		<td>
		<form action='config.php' method='POST' onsubmit='return checkform(this);'>
		<div align='left'>
		<p><b>Database Name:  </b>
		<input class='input' onmouseover=\"return escape('Name of the Database where Cancerbero is storing all the info. <br> Default is cancerberodb')\" type='text' name='name_db' value='$name_db' maxlength=255>&nbsp;
		<p><b>User of the database:  </b>
		<input class='input' onmouseover=\"return escape('Database User of the defined Database. <br> Default is cancerbero')\" type='text' name='user_db' value='$user_db' maxlength=255>&nbsp;
		<p><b>Password:  </b>
		<input class='input' onmouseover=\"return escape('Password for the defined Database User.')\" type='password' name='pass_db' value='' maxlength=255>&nbsp;
		<p><b>Host of the database:  </b>
		<input class='input' onmouseover=\"return escape('Hostname of the Database Server. <br> Default is localhost.')\" type='text' name='host_db' value='$host_db' maxlength=255>&nbsp;
		</div>
		<input type='hidden' name='conf' value='general'>
		<p><div align='center'><input class='lowred' type='submit' name='save' value='save_database'></div>
		</form>
		

		</td>
	</table>	
	</div></div>
	";

	break;

case "sensor":

	# Save data
	$save = "";
	$sensor = "";
	$savewl = "";
	$operation = "";
	if (isset($_GET["save"])) $save = $_GET["save"];
	if (isset($_GET["sensor"])) $sensor = $_GET["sensor"];
	if (isset($_GET["savewl"])) $savewl = $_GET["savewl"];
	if (isset($_GET["operation"])) $operation = $_GET["operation"];

	$sensors_list = mysql_query("SELECT sensor_id,sensor_name FROM sensors");

	if ((mysql_num_rows ($sensors_list) == 1) and ($save == "begining")) {
		$save = "select";
		$sensors = mysql_fetch_assoc($sensors_list);
		$sensor = $sensors['sensor_id'];
	}

	if ( $save == "begining") {

		# Form to select the sensor that will be configured.
		
		
		echo "<div class='row'>
		<div align='center'><h1>Select a Sensor</h1>
		<p>&nbsp;";
	
		echo "<table CELLSPACING='20'>";
	
		$counter = 0;
		$sensors = mysql_fetch_assoc($sensors_list);
		while ($sensors) {
			$counter = 0;
			echo "<tr>";
			while ($sensors && ($counter < 4)) {
				$counter = $counter + 1;
				echo "
				<td>
				<table>
				<tr>
				<td><div align='center'><a title='$sensors[sensor_name]' onmouseover=\"return escape('Select the sensor $sensors[sensor_name] for configure.')\" href='config.php?conf=sensor&save=select&sensor=$sensors[sensor_id]'><IMG src='icons/utilities-system-monitor.png' border='0'></a></div></td>
				</tr>
				<tr>
				<td><a title='$sensors[sensor_name]' href='config.php?conf=sensor&save=select&sensor=$sensors[sensor_id]'>$sensors[sensor_name]</a></td>
				</tr>
				</table>
				</td>
				";
				$sensors = mysql_fetch_assoc($sensors_list);
			}
			echo "</tr>";
		}
	
		echo "
		</table>
		</div>
		</div>
		";
		break;
	}

	#Show the form of the sensor to modify it.

	if ( $save == "select" ) {
		
		# Query db for the general config.
		$sensor_conf = $config->Sensor($sensor);

		$sensor_ranges_list = mysql_query("SELECT range_id,range,range_name FROM ranges WHERE sensor_id = '$sensor'");
		$white_list_ranges = mysql_query("SELECT white_list,white_list_id FROM white_list,ranges WHERE white_list.range_id = ranges.range_id and sensor_id = '$sensor'");
		$owners_list = mysql_query("SELECT owners.owner_id,owners.email AS Owner, ownership.object, ownership.object_index FROM owners, ownership WHERE owners.owner_id = ownership.owner_id AND ownership.object = 'sensor' AND ownership.object_index = '$sensor'");
		# Form with the sensor configuration values

		#AddUsers Form
		$add_user_form = "<div style='display: none;' id='addusers'>
		<div style='padding-top: 1px; padding-bottom: 1px'>
		<h1> Add owners for this sensor</h1>
		<form action='owners.php' method='get' onsubmit='return checkform(this);'>
		<table border=1 width = 100%>
		<TR>
			<TD>
			<h3>eMail: <input class='input' type='text' name='useremail' size='20' maxlength='100'></h3>
			</TD>
		</TR>
		<input type='hidden' name='object' value='Sensor'>
		<input type='hidden' name='object_index' value='{$sensor_conf['sensor_id']}'>
		<input type='hidden' name='option' value='add_owners'>
		</table>
		<p><div align='center'><input class='lowred' type='submit' name='save' value='save'></div>
		</form>
		</div>
		</div>
		";

		echo "
		<div class='row'>
			<h1>Sensor: $sensor_conf[sensor_name]</h1>";
			$menu_bar = menu_bar(array('owners'=>'addusers','trash'=>'2'),$sensor);
			echo "<br>";
			echo "<div class='buttonbar_sensors' > $menu_bar</div>";
			echo "<div class='buttonbar_sensors' style='border-width: 0px 1px 0px 1px'> $add_user_form</div>";
			echo "
			<div class='fcol1' style='border-style: solid; border-width: 1px; padding-left: 5px; padding-right: 5px'>
				<!--Form to input and update conf-->
				<div align='center'><h2>Sensor configuration&nbsp;<img src='icons/help.png' onmouseover=\"return escape('Configuration parameters of \'$sensor_conf[sensor_name]\'.')\" border='0'>&nbsp;</h2></div>
				<p>&nbsp;
				<form action='config.php' method='get' onsubmit='return checkform(this);'>
				<p><b>Seconds between every sweep discover ($sensor_conf[sensor_sweep_time]):  </b>
				<input class='input' onmouseover=\"return escape('This is the interval in seconds between discover sweeps. You should never set here a value lower than 1800 because few time will rest for scans. <br>Default value is 3600')\" type='text' name='sweep_time' value='$sensor_conf[sensor_sweep_time]' size='6'>
				</p>
				<p><b>Nmap sweep discover options ($sensor_conf[nmap_sweep]):  </b>
				";
				form_speed_nmap('Sweep',$sensor_conf['sensor_nmap_sweep_opts']);
				echo "</p>
				<p><b>Number of simultaneous IP scan ($sensor_conf[sensor_max_num_scan]):  </b>
				<input class='input' onmouseover=\"return escape('Max simultaneous scans that the sensor can launch, he won\'t launch anymore until some of the others has finished. Be carefully, to much simultaneous scans can produce a high performance impact for the sensor host and the network load. <br>Between 5 to 10 should be enough.')\" type='text' name='max_num_scan' value='$sensor_conf[sensor_max_num_scan]' size='2'>
				</p>
				<p><b>Number of stored scans by IP ($sensor_conf[sensor_stored_scans]):  </b>
				<input class='input' onmouseover=\"return escape('Max number of scans for each IP that will be stored in the database. When limit is reached oldest scans are purged automatically.')\" type='text' name='stored_scans' value='$sensor_conf[sensor_stored_scans]' size='2'>
				</p>
				";
				if ($sensor_conf['sensor_loop'] == "1") {
					echo "<p><b>Check for activate once mode  (LOOP MODE):";
					echo "<input class='input' onmouseover=\"return escape('You can run the sensor only once and then it finishes or (as usual) you can run it forever in a loop. <br>Default is LOOP MODE')\" type='checkbox' checked name='loop'>
					</p>";
				} else {
					echo "<p><b>Unckeck for activate loop mode  (ONCE MODE):";
					echo "<input class='input' onmouseover=\"return escape('You can run the sensor only once and then it finishes or (as usual) you can run it forever in a loop. <br>Default is LOOP MODE')\" type='checkbox' name='loop'>
					</p>";
				}
			
				if ($sensor_conf['sensor_debug'] > 0) {
					echo "<p>Unckeck for deactivate debug mode  (ON): <b>";
					echo "<input class='input' onmouseover=\"return escape('The sensor debug mode will populate the log file with verbose info of cancerbero sensor, usually in \"/var/log/cancerbero/cancerbero.log\" and also, of course, gives more information of whatever it\'s happening.')\" type='checkbox' checked name='debug' >
					</p>";
				} else {
					echo "<p><b>Check for activate debug mode  (OFF): ";
					echo "<input class='input' onmouseover=\"return escape('The sensor debug mode will populate the log file with verbose info of cancerbero sensor, usually in \'/var/log/cancerbero/cancerbero.log\' and also, of course, gives more information of whatever it\'s happening.')\" type='checkbox' name='debug' >
					</p>";
				}
				
				echo "
				<hr>
				<div align='center'><h2>Range default values&nbsp;<img src='icons/help.png' onmouseover=\"return escape('That are JUST the default value for this sensor\'s range, the real value is defined for each range in the \'Config->Range\' menu.')\" border='0'>&nbsp</h2></div>
				<p>&nbsp;
				<p><b>Days between scan each IP ($sensor_conf[sensor_delay_scan]):  </b>
				<input class='input' onmouseover=\"return escape('This is the interval in days in witch each host will be tried to scan. Is JUST the default value for this sensor\'s range, the real value is defined for each range in the \'Config->Range\' menu.')\" type='text' name='delay_scan' value='$sensor_conf[sensor_delay_scan]' size='3'>
				</p>
				<p><b>Nmap scan options ($sensor_conf[nmap_scan]):  </b>";
				form_speed_nmap('Scan',$sensor_conf['sensor_nmap_opts']);
				echo "
				</p>
				<input type='hidden' name='conf' value='sensor'>
				<input type='hidden' name='sensor' value='$sensor'>
				<p><div align='center'><input class='lowred' type='submit' name='save' value='save'></div>
				</form>
				<p>&nbsp;";
				if (mysql_num_rows($owners_list) != 0) {
					echo "<hr>";
					echo "<div align='center'><h2>Owners of this sensor
						&nbsp;<img src='icons/help.png' onmouseover=\"return escape('This is the list of responsible people of this sensor. It can be configure to receive alerts generated by this sensor.')\" border='0'>&nbsp;</h2></div>";
					while ($owners = mysql_fetch_assoc($owners_list)) {
						echo "\t\t<div align = 'center' style='vertical-align: middle; background-color: rgb(255, 255, 255)'><h3><a href='owners.php?option=view_owners&owner=$owners[Owner]&object=$owners[object]&object_index=$owners[object_index]'>$owners[Owner]</a>&nbsp;&nbsp;<a href='owners.php?option=delete_owner&owner=$owners[Owner]&object=$owners[object]&object_index=$owners[object_index]'><img src='icons/delete_small.png' align='bottom' border='0'></a></h3></div>\n";
					}
				}
				echo "
			</div>
			<div class='fcol1' style='border-style: solid; border-width: 1px; padding-left: 5px;'>
				";
				# List of the ranges asociated to the actual sensor.
				echo "
				<div align='center'><h2>Ranges&nbsp;<img src='icons/help.png' onmouseover=\"return escape('List of network ranges configured for this sensor. You can click on it to configure the ranges options.')\" border='0'>&nbsp;</h2></div>
				<p>&nbsp;
				";
				while ($sensor_ranges = mysql_fetch_array($sensor_ranges_list)) {
					$range_description = ($sensor_ranges['range_name'] == "") ? $sensor_ranges['range'] : $sensor_ranges['range_name'];
					echo "<div align='center'><a title='$sensor_ranges[range]' href='config.php?conf=range&range=$sensor_ranges[range_id]&save=select&sensor=$sensor'>$range_description</a></div>
					&nbsp;";					
				}
				# List the whitelist asociated to the actual sensor. Can be deleted with a click.
				echo "
				<hr>
				<div align='center'><h2>WhiteList&nbsp;<img src='icons/help.png' onmouseover=\"return escape('List of host or network ranges that never will be scanned. You can extract a host (or a network range) from the white list clicking in the red cross behind it. For add a new white list you must follow some restrictions. <p>1.- For each groups of IPs, all of them must be in a unique range defined before. <p> 2.- None of the IPs can be in other white list.')\" border='0'>&nbsp;</h2></div>
				<p>&nbsp;
				";
				while ($wl_ranges = mysql_fetch_row($white_list_ranges)) {
					echo "<div align='center'>$wl_ranges[0]<a href='config.php?conf=sensor&whitelist=$wl_ranges[0]&whitelistid=$wl_ranges[1]&savewl=delete'><img src='icons/b_drop.png' width='12' height='12' align='top' border='0'></a></div>
					";
				}
				# A form to add a whitelist to the actual sensor.
				echo "
				<p>&nbsp;
				<p>&nbsp;
				<form action='config.php' method='get' onsubmit='return checkform(this);'>
				<div align='center'><b>Add WhiteList:
				<input type='hidden' name='conf' value='sensor'>
				<input class='input' type='text' name='whitelist' size='18' maxlength='18'>
				<input type='hidden' name='sensor' value='$sensor'>
				<input class='lowred' type='submit' name='savewl' value='save'></p></div>
				</form>
				<p>&nbsp;</p>
			</div>
		</div>
		";
		break;
	}

	if ( $save == "save" ) {
		
		# Save the sensor configuration values.

		$delay_scan = trim($_GET['delay_scan']);
		$sweep_time = trim($_GET['sweep_time']);
		$max_num_scan = trim($_GET['max_num_scan']);
		$stored_scans = trim($_GET['stored_scans']);
		$nmap_sweep_opts = $_GET['nmap_sweep_opts'];
		$nmap_opts = $_GET['nmap_opts'];
		$loop = $_GET['loop'];
		if ($loop == "on") {
			$loop = 1;
		} else { 
			$loop = 2;
		}
		$debug = "";
		if (isset($_GET["debug"])) $debug = $_GET["debug"];
		if ($debug == "on") {
			$debug = 1;
		} else { 
			$debug = -1;
		}
		#echo "$delay_scan - $sweep_time - $max_num_scan - $nmap_sweep_opts - $nmap_opts - $check_alive - $loop - $debug <br>";
		$update = "UPDATE sensors SET sensor_delay_scan = '$delay_scan', sensor_sweep_time = '$sweep_time', sensor_max_num_scan = '$max_num_scan', sensor_stored_scans = '$stored_scans', sensor_nmap_sweep_opts = '$nmap_sweep_opts', sensor_nmap_opts = '$nmap_opts', sensor_loop = '$loop', sensor_debug = '$debug' WHERE sensor_id = '$sensor'";
		mysql_query($update);
		# echo "$delay_scan - $sweep_time - $max_num_scan - $nmap_sweep_opts - $nmap_opts - $check_alive - $loop - $debug";
		echo "Configuration updated.";
		$return = $h->get_history_go(-1);
		echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return sensor configuration page</a></h2></div>";
		break;
		
	}
	
	if ( $savewl == "save" ) {
		# Save the added whitelist in the DB.
		$whitelist = trim($_GET["whitelist"]);
		$added_from_sensor = trim($_GET['sensor']);

		$counter_range=0;
		$ips = list_cidr($whitelist);
		$query_ip_rang = mysql_query("SELECT ranges.range_id,sensor_id FROM hosts,ranges WHERE hosts.range_id = ranges.range_id AND ip = '$ips[0]'")  or die (mysql_error());
		$ip_range_ini = mysql_fetch_assoc($query_ip_rang);
		if (!$ip_range_ini["range_id"]) {
			echo "<h1>IP: $ips[0]: ERROR. You are trying to add $whitelist witch is, total o partial, out of actual ranges.</h1>";
			$return = $h->get_history_go(-1);
			echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return sensor configuration page</a></h2></div>";
			break;
		} else {
			$query_check_unique = mysql_query("SELECT white_list FROM white_list WHERE range_id = '$ip_range_ini[range_id]'")  or die (mysql_error());
			while ($wl = mysql_fetch_assoc($query_check_unique)) {
				if (match_cidr($ips[0], $wl["white_list"])) {
					$match_whitelist = $wl["white_list"];
					echo "<h1>ERROR. You are trying to add $whitelist witch conflicts with $match_whitelist.</h1>";
					$return = $h->get_history_go(-1);
					echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return sensor configuration page</a></h2></div>";
					break 2;
				}
			}
		}
		$range_matrix[$counter_range] = $ip_range_ini["range_id"];
		foreach ($ips as $ip) {
			$query_ip_rang = mysql_query("SELECT range_id FROM hosts WHERE ip = '$ip'")  or die (mysql_error());
			$ip_range_sec = mysql_fetch_assoc($query_ip_rang);
			if (!$ip_range_sec["range_id"]) {
				echo "<h1>IP: $ip: ERROR. You are trying to add $whitelist witch is, total o partial, out of actual ranges.</h1>";
				$return = $h->get_history_go(-1);
				echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return sensor configuration page</a></h2></div>";
				break 2;
			} else {
				$query_check_unique = mysql_query("SELECT white_list FROM white_list WHERE range_id = '$ip_range_sec[range_id]'")  or die (mysql_error());
				while ($wl = mysql_fetch_assoc($query_check_unique)) {
					if (match_cidr($ip, $wl["white_list"])) {
						$match_whitelist = $wl["white_list"];
						echo "<h1>ERROR. You are trying to add $whitelist witch conflicts with $match_whitelist.</h1>";
						$return = $h->get_history_go(-1);
						echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return sensor configuration page</a></h2></div>";
						break 3;
					}
				}
			}
			if ($ip_range_ini["range_id"] != $ip_range_sec["range_id"]){
				$counter_range++;
				$range_matrix[$counter_range] = $ip_range_sec["range_id"];
				$ip_range_ini = $ip_range_sec;
			} 
		}
		if ($counter_range > 0) {
			echo "<h1>ERROR. You are trying to add $whitelist witch is ranging in more than one scan range.</h1>";
			echo "<h2>List of affected ranges:</h2>";
			foreach ($range_matrix as $range_match) {
				$query_range_name = mysql_query("SELECT range FROM ranges WHERE range_id = '$range_match'")  or die (mysql_error());
				$range_name = mysql_fetch_assoc($query_range_name);
				echo "<h3>$range_name[range]</h3>";
			}
			$return = $h->get_history_go(-1);
			echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return sensor configuration page</a></h2></div>";
		} else {
			if ($added_from_sensor != $ip_range_ini["sensor_id"]) {
				$query_added_from_sensor = mysql_query("SELECT sensor_name FROM sensors WHERE sensor_id = '$added_from_sensor'")  or die (mysql_error());
				$added_from_sensor_name = mysql_fetch_assoc($query_added_from_sensor);
				$query_added_in_sensor = mysql_query("SELECT sensor_name FROM sensors WHERE sensor_id = '$ip_range_ini[sensor_id]'")  or die (mysql_error());
				$added_in_sensor_name = mysql_fetch_assoc($query_added_in_sensor);
				#Show a warning with the whitelist is in another sensor.
				echo "
				<div class='row'>
				<div align='center'><h1>Whitelist $whitelist is in sensor $added_in_sensor_name[sensor_name] and you are trying to add from sensor $added_from_sensor_name[sensor_name].</h1></div>
				<div align='center'><h2> Do you want to add it anyway?</h2></div>
				<form action='config.php' method='get' onsubmit='return checkform(this);'>
				<input type='hidden' name='sure' value='yes'>
				<input type='hidden' name='conf' value='sensor'>
				<input type='hidden' name='sensor' value='$ip_range_ini[sensor_id]'>
				<input type='hidden' name='whitelist' value='$whitelist'>
				<p><div align='center'><input class='lowred' type='submit' name='savewl' value='save'>&nbsp;<input class='lowred' type='submit' name='save' value='select'></div>
				";
				$return = $h->get_history_go(-2);
				echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return sensor configuration page</a></h2></div>";
			} else {
				$range_wl = $range_matrix[0];
				$ips = list_cidr($whitelist);
				foreach ($ips as $ip) {
					$update_host_wl = mysql_query("UPDATE hosts SET priority = 0 WHERE ip = '$ip' AND priority != 1") or die (mysql_error());
				}
	
				$insertwl = ("INSERT INTO white_list (range_id, white_list) VALUES ('$range_wl', '$whitelist')");
				mysql_query($insertwl) or die (mysql_error());
				echo "Whitelist $whitelist added.";
				$return = $h->get_history_go(-1);
				echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return sensor configuration page</a></h2></div>";
			}
		}
		break;
	} elseif ( $savewl == "delete" ) {
		# Delete a whitelist from the DB.
		$sure = "";
		$whitelist = trim($_GET['whitelist']);
		$whitelistid = trim($_GET['whitelistid']);
		if (isset($_GET['sure'])) $sure = $_GET['sure'];
		
		if ( $sure == "yes" ) {
			echo "Deleting...";
			if (stristr($whitelist, '/') === FALSE) {
				$ip = $whitelist;
				$update_host_wl = mysql_query("UPDATE hosts SET priority = 6 WHERE ip = '$ip'") or die (mysql_error());
			} else {
				$ips = list_cidr($whitelist);
				foreach ($ips as $ip) {
					$update_host_wl = mysql_query("UPDATE hosts SET priority = 6 WHERE ip = '$ip'") or die (mysql_error());
				}
			}
			$delete_wl = mysql_query("DELETE FROM white_list WHERE white_list_id = '$whitelistid'");
			echo "...Done <br>";
			echo "Whitelist $whitelist deleted.";
			$return = $h->get_history_go(-2);
			echo "<p><a href='$return'>Return sensor configuration page</a><br>";
			break;
		} else {
			#Show a warning with the whitelist that will be deleted.
			echo "
			<div class='row'>
			<div align='center'><h1>Whitelist $whitelist is goint to be deleted.</h1></div>
			<div align='center'><h2> Are you sure?</h2></div>
			<form action='config.php' method='get' onsubmit='return checkform(this);'>
			<input type='hidden' name='sure' value='yes'>
			<input type='hidden' name='conf' value='sensor'>
			<input type='hidden' name='whitelistid' value='$whitelistid'>
			<input type='hidden' name='whitelist' value='$whitelist'>
			<p><div align='center'><input class='lowred' type='submit' name='savewl' value='delete'></div>
			";
			$return = $h->get_history_go(-1);
			echo "<p><a href='$return'>Return sensor configuration page</a><br>";

			break;
		}
	} elseif ($save == "delete") {
		# Delete a sensor from the DB.
		$sensor = trim($_GET['sensor']);
		$sure = $_GET['sure'];
		
		if ( $sure == "yes" ) {
			echo "Deleting...";
			$query_ranges_per_sensor = mysql_query("SELECT range_id,range FROM ranges WHERE sensor_id = '$sensor'")  or die (mysql_error());
			while ($range_of_sensor = mysql_fetch_assoc($query_ranges_per_sensor)) {
				delete_ranges ($range_of_sensor[range_id],$range_of_sensor[range]); 
			}
			echo "...Deleting sensor values...<br>";
			$query_delete_sensor = mysql_query("DELETE sensors,program_values FROM sensors,program_values WHERE sensors.sensor_id = program_values.sensor_id and sensors.sensor_id = $sensor") or die (mysql_error());
			if ($query_delete_sensor){
				echo "...Done <br>";
			}	
			echo "End, have a nice day<br>";
			$return = $h->get_history_go(-2);
			echo "<p><a href='$return'>Return sensor configuration page</a><br>";

			break;
		} else {
			#Show a warning with the sensor that will be deleted.
			echo "
			<div class='row'>
			<div align='center'><h1>Sensor $sensor_name is goint to be deleted.</h1></div>
			<div align='center'><h2><blink> Are you really sure? </blink></h2> 
			<p><h1>All the ranges and their information will be erased without solution...we recommended that press back bottom of your browser and make a saveguard copy of your database.</h1></div>
			<form action='config.php' method='get' onsubmit='return checkform(this);'>
			<input type='hidden' name='sure' value='yes'>
			<input type='hidden' name='sensor' value='$sensor'>
			<input type='hidden' name='conf' value='sensor'>
			<input type='hidden' name='save' value='delete'>
			<p><div align='center'><input class='lowred' type='submit' name='save' value='delete'></div>
			";
			$return = $h->get_history_go(-1);
			echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return sensor configuration page</a></h2></div>";
			break;
		}
	}	
	

case "range":

	# Save data
	$save = "";
	$range  = "";
	if (isset($_GET['save'])) $save = $_GET['save'];
	if (isset($_GET['range'])) $range = $_GET['range'];
	if (isset($_GET['operation'])) $operation = $_GET['operation'];

	if ( $save == "select" ) {
		# Query db for the general config.
		$range_conf = $config->Range($range);

		$sensor_id = $range_conf['sensor_id'];
		$sensor_query = mysql_query("SELECT sensor_name FROM sensors WHERE sensor_id = $sensor_id");
		$sensor_range = mysql_fetch_row($sensor_query);
		$sensors = mysql_query("SELECT sensor_id,sensor_name FROM sensors");

		$owners_list = mysql_query("SELECT owners.owner_id,owners.email AS Owner , ownership.object, ownership.object_index FROM owners, ownership WHERE owners.owner_id = ownership.owner_id AND ownership.object = 'range' AND ownership.object_index = '$range'");

		#AddUsers Form
		$add_user_form = "<div style='display: none;' id='addusers'>
		<div style='padding-top: 1px; padding-bottom: 1px'>
		<h1> Add owners for this range</h1>
		<form action='owners.php' method='get' onsubmit='return checkform(this);'>
		<table border=1 width = 100%>
		<TR>
			<TD>
			<h3>eMail: <input class='input' type='text' name='useremail' size='20' maxlength='100'></h3>
			</TD>
		</TR>
		<input type='hidden' name='option' value='add_owners'>
		<input type='hidden' name='object' value='Range'>
		<input type='hidden' name='object_index' value='{$range_conf['range_id']}'>
		</table>
		<p><div align='center'><input class='lowred' type='submit' name='save' value='save'></div>
		</form>
		</div>
		</div>
		";

		# Form to input and update conf
		$range_description = ($range_conf['range_name'] == "") ? $range_conf['range'] : $range_conf['range_name'].' ('.$range_conf['range'].')';
		echo "
		<div class='row'>
		<div align='center'><h1>$range_description configuration</h1></div>";

		$menu_bar = menu_bar(array('owners'=>'addusers','trash'=>'3'),$range);
		echo "<br>";
		echo "<div class='buttonbar_sensors' style='margin-right: 6px'> $menu_bar</div>";
		echo "<div class='buttonbar_sensors' style='border-width: 0px 1px 0px 1px; margin-right: 6px;'>$add_user_form</div>";

		# Get info from netblock.in $data array
		$data = net_data ($range_conf['range']);

		# Store the info in more readable vars.
		$netmask = long2ip($data[2]);
		$net_address = long2ip($data[3]);
		$broadcast = long2ip($data[4]);
		$host_number = $data[5];
		$start_range = long2ip($data[3] + 1);
		$end_range = long2ip($data[4] - 1);
		$cidr_range = $data[6];

		#$range_delay_scan = $sensor_delay['sensor_delay_scan'];
		#$range_nmap_opts = $sensor_nmap['nmap_scan'];

		# Form to input range
		echo "
		<div class='fcol1' style='border-style: solid; border-width: 1px; padding-left: 5px; padding-right: 5px'>
			<div align='center'><h1>Info of the range</h1></div>
			<p><b>Range name: <span style='color: #FFA537'>$range_conf[range_name]</span> </b></p>
			<p><b>CIDR Range: <span style='color: #FFA537'>$cidr_range</span> </b></p>
			<p><b>Netmask: <span style='color: #FFA537'>$netmask</span>  </b></p>
			<p><b>Address Network: <span style='color: #FFA537'>$net_address</span>  </b></p>
			<p><b>Broadcast: <span style='color: #FFA537'>$broadcast</span>  </b></p>
			<p><b>Number of IPs: <span style='color: #FFA537'>$host_number</span>  </b></p>
			<p><b>Range of IPs: <span style='color: #FFA537'>$start_range - $end_range</span>  </b></p>
			<p><b>Sensor: <span style='color: #FFA537'><a href='config.php?sensor=$range_conf[sensor_id]&conf=sensor&save=select'>$sensor_range[0]</a></span> </b></p>
			<p><b>Comments: <span style='color: #FFA537'>$range_conf[comment]</span> </b></p>
		";
			if (mysql_num_rows($owners_list) != 0) {
				echo "<hr>";
				echo "<div align='center'><h2>Owners of this range&nbsp;<img src='icons/help.png' onmouseover=\"return escape('This is the list of responsible people of this range. It can be configure to receive alerts generated by hosts of this range.')\" border='0'>&nbsp;</h2></div>";
				while ($owners = mysql_fetch_assoc($owners_list)) {
					echo "\t\t<div align = 'center' style='vertical-align: middle; background-color: rgb(255, 255, 255)'><h3><a href='owners.php?option=view_owners&owner=$owners[Owner]&object=$owners[object]&object_index=$owners[object_index]'>$owners[Owner]</a>&nbsp;&nbsp;<a href='owners.php?option=delete_owner&owner=$owners[Owner]&object=$owners[object]&object_index=$owners[object_index]'><img src='icons/delete_small.png' align='bottom' border='0'></a></h3></div>\n";
				}
			}

		echo "</div>";

		echo "
		<div class='fcol1' style='border-style: solid; border-width: 1px'>
			<div align='center'><h1>Modify range&nbsp;<img src='icons/help.png' onmouseover=\"return escape('Configuration parameters of \'$range_conf[range_name]\'.')\" border='0'>&nbsp;</h1></div>
			<form action='config.php' method='get' onsubmit='return checkform(this);'>
			<p><b>Range name ($range_conf[range_name]):</b> 
			<input class='input' onmouseover=\"return escape('This is the name (if any) assigned to the network range.')\" type='text' name='range_name' value='$range_conf[range_name]' maxlength=100>
			</p>
			<p><b>Sensor (<a href='config.php?sensor=$range_conf[sensor_id]&conf=sensor&save=select'>$sensor_range[0]</a>):  </b>
			<SELECT class='input' onmouseover=\"return escape('This is the sensor which will perform the scans for this range. You can assign the range to other sensor.')\" name='sensor'>";
			while ($sens = mysql_fetch_row($sensors)) {
				if ($sens[0] == $sensor_id) {
					echo "<option selected value=$sens[0]>$sens[1]</option>";
				} else {
					echo "<option value=$sens[0]>$sens[1]</option>";
				}
			}
			echo "</SELECT><br>
			<p><b>Days between scan each IP ($range_conf[range_delay_scan]):  </b>
			<input class='input' onmouseover=\"return escape('This is the interval in days in witch each host will be tried to scan.')\" type='text' name='range_delay_scan' value='$range_conf[range_delay_scan]' size='3'>
			</p>";
			echo "<p><b>Nmap scan options ($range_conf[nmap_option_name]):  </b>";
			form_speed_nmap('Scan',$range_conf['range_nmap_opts']);
			echo "</p>
			<p><b>Comments:</b> 
			<input class='input' type='text' name='comment' value='$range_conf[comment]' maxlength=255>
			";
			echo "
			<input type='hidden' name='conf' value='range'>
			<input type='hidden' name='range' value='$range'>
			<p><div align='center'><input class='lowred' type='submit' name='save' value='save'></div>
			<p>&nbsp;";
		echo "</div>";

		break;
	}

	if ( $save == "save" ) {

		# Save the range conf values.
		$range_delay_scan = trim($_GET['range_delay_scan']);
		$range_name = trim($_GET['range_name']);
		$range_nmap_opts = $_GET['nmap_opts'];
		$range_sensor = $_GET['sensor'];
		$range_comment = trim($_GET['comment']);
		$update = "UPDATE ranges SET range_name='$range_name', sensor_id = '$range_sensor', range_delay_scan = '$range_delay_scan', range_nmap_opts = '$range_nmap_opts', comment='$range_comment'  WHERE range_id = '$range'";
		mysql_query($update);
		#echo "$range_delay_scan - $range_nmap_opts";
		echo "Configuration updated";
		$return = $h->get_history_go(-1);
		echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return range configuration page</a></h2></div>";
		break;
	}

	if ( $save == "add" ) {
		# Add a range.
		$cidr_range = $_GET['cird'];
		$sensor = $_GET['sensor'];
		$sensor_delay = $config->Sensor($sensor);
		$sensor_nmap = $config->Sensor($sensor);

		$ranges = mysql_query("SELECT range_id,range FROM ranges");
		$sensor_query = mysql_query("SELECT sensor_name FROM sensors WHERE sensor_id = '$sensor'");
		$sensor_range = mysql_fetch_row($sensor_query);
		# Check if the range added conflicts with the ranges already in the DB.
		while ($rang = mysql_fetch_row($ranges)) {
			$ips = list_cidr($cidr_range);
			#echo "netmask: $nm, network address: $nw, network broadcast: $bc y rango ($nw + 1) -> ($bc - 1)";
			foreach ($ips as $ip) {
				if (match_cidr($ip, $rang[1])) {
					echo "<h1>ERROR. You are trying to add $cidr_range witch conflicts with $rang[1].</h1>";
					break 3;
				}
			}
		}

		# Get info from netblock.in $data array
		$data = net_data ($cidr_range);

		# Store the info in more readable vars.
		$netmask = long2ip($data[2]);
		$net_address = long2ip($data[3]);
		$broadcast = long2ip($data[4]);
		$host_number = $data[5];
		$start_range = long2ip($data[3] + 1);
		$end_range = long2ip($data[4] - 1);
		$cidr_range = $data[6];

		$range_delay_scan = $sensor_delay['sensor_delay_scan'];
		$range_nmap_opts = $sensor_nmap['nmap_scan'];

		# Form to input range
		echo "
		<div class='row'>
		<div align='center'><h1>Add a new network range</h1></div>
		<p>&nbsp;
		<div class='fcol1' style='border-style: solid; border-width: 1px; padding-left: 5px; padding-right: 5px'>
			<form action='config.php' method='get' onsubmit='return checkform(this);'>
			<p><b>CIDR Range: <span style='color: #FFA537'>$cidr_range</span> </b></p>
			<p><b>Netmask: <span style='color: #FFA537'>$netmask</span>  </b></p>
			<p><b>Address Network: <span style='color: #FFA537'>$net_address</span>  </b></p>
			<p><b>Broadcast: <span style='color: #FFA537'>$broadcast</span>  </b></p>
			<p><b>Number of IPs: <span style='color: #FFA537'>$host_number</span>  </b></p>
			<p><b>Range of IPs: <span style='color: #FFA537'>$start_range - $end_range</span>  </b></p>
			<p><b>Sensor: <span style='color: #FFA537'>$sensor_range[0]</span> </b></p>
		</div>
		<div class='fcol1' style='border-style: solid; border-width: 1px;'>
			<p><b>Days between scan each IP ($range_delay_scan):  </b>
			<input class='input' type='text' name='range_delay_scan' value='$range_delay_scan' size='3'></p>
			";
			echo "<p><b>Nmap scan options ($range_nmap_opts):  </b>";
			form_speed_nmap('Scan',$sensor_nmap['sensor_nmap_opts']);
			echo "
			<input type='hidden' name='conf' value='range'>
			<input type='hidden' name='sensor' value='$sensor'>
			<input type='hidden' name='range' value='$cidr_range'>
			<p><div align='center'><input class='lowred' type='submit' name='save' value='saveadd'></div>
			<p>&nbsp;</p>
		</div>
		</div>
		";
		break;
	}

	if ( $save == "saveadd" ) {
		$range = trim($_GET['range']);
		$sensor = trim($_GET['sensor']);
		$range_delay_scan = trim($_GET['range_delay_scan']);
		$range_nmap_opts = $_GET['nmap_opts'];
		echo "Inserting range...";
		# Insert range into DB. 
		$insert = "INSERT INTO ranges (range_id, sensor_id, range, range_delay_scan, range_nmap_opts) VALUES (NULL, '$sensor', '$range', '$range_delay_scan', '$range_nmap_opts')";
		mysql_query($insert);
		echo "...Done <br>";
		echo "Inserting range's IPs...";
		$range_query = mysql_query("SELECT range_id FROM ranges WHERE range = '$range'");
		$range_id = mysql_fetch_row($range_query);
		# Insert range's IPs into DB. 
		# echo "range: $range   range_id $range_id[0]<br>";
		$ips = list_cidr($range);
		foreach ($ips as $ip) {
			$insert_ips = "INSERT INTO hosts (ip, range_id) VALUES ('$ip', '$range_id[0]')";
			mysql_query($insert_ips);
		}
		echo "...Done <br><br>";
		#echo "$range_delay_scan - $range_nmap_opts";
		echo "Range added.";
		$return = $h->get_history_go(-2);
		echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return range configuration page</a></h2></div>";
		break;
	}

	if ( $save == "delete" ) {
		
		$sure = "";
		$range = "";
		$range_block = "";
		if (isset($_GET['sure'])) $sure = $_GET['sure'];
		if (isset($_GET['range'])) $range = $_GET['range'];
		if (isset($_GET['range_block'])) $range_block = $_GET['range_block'];
		
		if ( $sure == "yes" ) {

			delete_ranges($range,$range_block);
			$return = $h->get_history_go(-3);
			echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return range configuration page</a></h2></div>";
			break;
		} else {
			echo "
			<div class='row'>
			<div align='center'><h1>ATENTION!!!</h1></div>
			<div align='center'><h1>ALL THE HOSTS AND SCANS FROM $range_block WILL BE PERMANENT DELETED.</h1></div>
			<div align='center'><h2> Are you REALLY sure?</h2></div>
			<form action='config.php' method='get' onsubmit='return checkform(this);'>
			<input type='hidden' name='sure' value='yes'>
			<input type='hidden' name='conf' value='range'>
			<input type='hidden' name='range' value='$range'>
			<p><div align='center'><input class='lowred' type='submit' name='save' value='delete'></div>
			";
			$return = $h->get_history_go(-1);
			echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return range configuration page</a></h2></div>";
			break;
		}
	}

	$ranges = mysql_query("SELECT range_id,sensor_id,range,range_name FROM ranges ORDER BY range");
	$num_rows = mysql_num_rows($ranges);
	$sensors = mysql_query("SELECT sensor_id,sensor_name FROM sensors");

	# Forms for add and configure a range.

	echo "<div class='row'>
	<div align='center'><h1>Range Configuration</h1></div>

	<div class='fcol1' style='border-style: solid; border-width: 1px; height: 150px; padding-left: 5px; padding-right: 5px'>
		<div align='center'><h2>Add new net range</h2></div>
		<form action='config.php' method='get' onsubmit='return checkform(this);'>
		<p><b>Nework range in CIDR syntax (x.x.x.x/x):</b> 
		<input class='input' type='text' name='cird' size='18'></p>
		<p><b>Assign to sensor:</b>
		<SELECT class='input' name='sensor'>";
		while ($sens = mysql_fetch_row($sensors)) {
			echo "<option value=$sens[0]>$sens[1]</option>";
		}
		echo "</SELECT>
		<input type='hidden' name='conf' value='range'>
		<div align='center'><input class='lowred' type='submit' name='save' value='add'></div>
		</form>
	</div>

	<div class='fcol1' style='border-style: solid; border-width: 1px;'>
		<div align='center'>
			<h2>Config net range</h2>
			<form action='config.php' method='get' onsubmit='return checkform(this);'>
			<SELECT class='input' name='range'>
		";
		while ($net_ranges = mysql_fetch_row($ranges)) {
			$info = ($net_ranges[3])? $net_ranges[3]:$net_ranges[2];
			echo "<option value=$net_ranges[0]>$info</option>";
		}
		echo "
			</SELECT><br>
			<input type='hidden' name='conf' value='range'>
			<p><div align='center'><input class='lowred' type='submit' name='save' value='select'></div>
			</form>
			<p>&nbsp;
		</div>
	</div>
	
	</div>
	";
	
	echo "</div>";
	break;

case "nmap_conf":

	# Save data
	$save = "";
	if (isset($_GET["save"]))
	$save = $_GET["save"];
	
	if ( $save == "delete" ) {
		$nmap_cfg_id = $_GET['nmap_cfg_id'];
		$sure = "";
		if (isset($_GET["sure"]))
		$sure = $_GET["sure"];
		$nmap_option_name = "";
		if (isset($_GET["nmap_option_name"]))
		$nmap_option_name = $_GET["nmap_option_name"];

		if ( $sure == "yes" ) {
			echo "Deleting...<br>";
			$delete_wl = mysql_query("DELETE FROM nmap_cfg WHERE nmap_cfg_id = '$nmap_cfg_id'");
			echo "Done.";
			$return = $h->get_history_go(-2);
			echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return nmap configuration page</a></h2></div>";
			break;
		} else {
			echo "<div class='row'>";
			echo "<div align='center'><h1>Nmap option \"$nmap_option_name\" is going to be deleted.</h1></div>";
			echo "<div align='center'><h2> Are you REALLY sure?</h2></div>";
			echo "<form action='config.php' method='get' onsubmit='return checkform(this);'>";
			echo "<input type='hidden' name='sure' value='yes'>";
			echo "<input type='hidden' name='conf' value='nmap_conf'>";
			echo "<input type='hidden' name='nmap_cfg_id' value='$nmap_cfg_id'>";
			echo "<p><div align='center'><input class='lowred' type='submit' name='save' value='delete'></div>";
			$return = $h->get_history_go(-1);
			echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return nmap configuration page</a></h2></div>";
			break;
		}
	}
	
	if ( $save == "add" ) {
		$nmap_cfg_type = $_GET['nmap_cfg_type'];
		echo "<div class='row'>";
		echo "<div align='center'><h1>Add Custom $nmap_cfg_type Option</h1></div>";
		echo "<form action='config.php' method='get' onsubmit='return checkform(this);'>";
		echo "<p><b>$nmap_cfg_type name:</b> ";
		echo "<input class='input' type='text' name='nmap_option_name'>";
		echo "<p><b>$nmap_cfg_type parameters:</b> ";
		echo "<input class='input' type='text' name='nmap_cmd_cfg' size='110'>";
		echo "<input type='hidden' name='conf' value='nmap_conf'>";
		echo "<input type='hidden' name='nmap_cfg_type' value='$nmap_cfg_type'>";
		echo "<p><div align='center'><input class='lowred' type='submit' name='save' value='save'></div>";
		$return = $h->get_history_go(-1);
		echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return nmap configuration page</a></h2></div>";
		break;
	}
	
	if ( $save == "edit" ) {
		$nmap_cfg_id = $_GET['nmap_cfg_id'];
		$query = mysql_query("SELECT * FROM nmap_cfg WHERE nmap_cfg_id = '$nmap_cfg_id'") or die (mysql_error());
		$result = mysql_fetch_assoc($query);

		echo "<div class='row'>";
		echo "<div align='center'><h1>Edit Custom $result[nmap_type_cfg] Option</h1></div>";
		echo "<form action='config.php' method='get' onsubmit='return checkform(this);'>";
		echo "<p><b>$result[nmap_type_cfg] name:</b> ";
		echo "<input class='input' type='text' name='nmap_option_name' value ='$result[nmap_option_name]'>";
		echo "<p><b>$result[nmap_type_cfg] parameters:</b> ";
		echo "<input class='input' type='text' name='nmap_cmd_cfg' size='110' value ='$result[nmap_cmd_cfg]'>";
		echo "<input type='hidden' name='conf' value='nmap_conf'>";
		echo "<input type='hidden' name='nmap_cfg_type' value='$result[nmap_type_cfg]'>";
		echo "<input type='hidden' name='nmap_cfg_id' value='$result[nmap_cfg_id]'>";
		echo "<p><div align='center'><input class='lowred' type='submit' name='save' value='modify'></div>";
		$return = $h->get_history_go(-1);
		echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return nmap configuration page</a></h2></div>";
		break;
	}

	if ( $save == "modify" ) {
		$nmap_cfg_type = $_GET['nmap_cfg_type'];
		$nmap_option_name = $_GET['nmap_option_name'];
		$nmap_cmd_cfg = $_GET['nmap_cmd_cfg'];
		$nmap_cfg_id = $_GET['nmap_cfg_id'];

		$query_check_option_name = mysql_query("SELECT nmap_option_name FROM nmap_cfg WHERE nmap_cfg_id = '$nmap_cfg_id'") or die (mysql_error());
		$check_option_name = mysql_fetch_assoc($query_check_option_name);
		if ($check_option_name["nmap_option_name"] == $nmap_option_name) {		
			$update = "UPDATE nmap_cfg SET nmap_type_cfg = '$nmap_cfg_type', nmap_cmd_cfg = '$nmap_cmd_cfg' WHERE nmap_cfg_id = $nmap_cfg_id";
			mysql_query($update) or die (mysql_error());
			echo "<div align='center'><h1>Nmap $nmap_cfg_type option modified.</h1></div>";
			$return = $h->get_history_go(-2);
			echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return range configuration page</a></h2></div>";
			break;
		} else {
			$query_check_option_name = mysql_query("SELECT nmap_option_name FROM nmap_cfg WHERE nmap_type_cfg = '$nmap_cfg_type'") or die (mysql_error());

			while ($ckeck_nmap_option_name = mysql_fetch_assoc($query_check_option_name)) {
				if ($ckeck_nmap_option_name["nmap_option_name"] == $nmap_option_name) {
					echo "<div class='row'>";
					echo "<div align='center'><h1>Error: The $nmap_cfg_type name \"$ckeck_nmap_option_name[nmap_option_name]\" already exists.</h1></div>";
					exit;
				}
			}
			$update = "UPDATE nmap_cfg SET nmap_type_cfg = '$nmap_cfg_type', nmap_option_name = '$nmap_option_name', nmap_cmd_cfg = '$nmap_cmd_cfg' WHERE nmap_cfg_id = $nmap_cfg_id";
			mysql_query($update) or die (mysql_error());
			echo "<div align='center'><h1>Nmap $nmap_cfg_type option modified.</h1></div>";
			$return = $h->get_history_go(-1);
			echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return nmap configuration page</a></h2></div>";
			break;
		}
	}

	if ( $save == "used") {
		if (isset($_GET['nmap_cfg_id']))
		$nmap_cfg_id = $_GET['nmap_cfg_id'];
		if (isset($_GET['nmap_cfg_type']))
		$nmap_cfg_type = $_GET['nmap_cfg_type'];
		if (isset($_GET['nmap_option_name']))
		$nmap_option_name = $_GET['nmap_option_name'];
		if (isset($_GET['nmap_cmd_cfg']))
		$nmap_cmd_cfg = $_GET['nmap_cmd_cfg'];
		
		$query = "SELECT sensor_id,sensor_name as 'Sensor' FROM sensors WHERE sensor_nmap_opts = '$nmap_cfg_id' OR sensor_nmap_sweep_opts = '$nmap_cfg_id'";
		$result =  mysql_query ($query) or die (mysql_error());

		if (mysql_num_rows($result) != 0) {
			$title = "Sensors";
			draw_table ($title,$query,800);
			echo "<p>";
		}

		$query = "SELECT range_id,range as 'Range',range_name FROM ranges WHERE range_nmap_opts = '$nmap_cfg_id'";
		$result =  mysql_query ($query) or die (mysql_error());

		if (mysql_num_rows($result) != 0) {
			echo "<div align='center'>";
			$title = "Ranges";
			draw_table ($title,$query,800);
			echo "<p>";
			echo "</div>";
		}
	
		$return = $h->get_history_go(-1);
		echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return namp configuration page</a></h2></div>";
		break;
	}
	if ( $save == "save" ) {
		$nmap_cfg_type = $_GET['nmap_cfg_type'];
		$nmap_option_name = $_GET['nmap_option_name'];
		$nmap_cmd_cfg = $_GET['nmap_cmd_cfg'];

		$query_check_option_name = mysql_query("SELECT nmap_option_name FROM nmap_cfg WHERE nmap_type_cfg = '$nmap_cfg_type'") or die (mysql_error());

		while ($ckeck_nmap_option_name = mysql_fetch_assoc($query_check_option_name)) {
			if ($ckeck_nmap_option_name["nmap_option_name"] == $nmap_option_name) {
				echo "<div class='row'>";
				echo "<div align='center'><h1>Error: The $nmap_cfg_type name \"$ckeck_nmap_option_name[nmap_option_name]\" already exists.</h1></div>";
				exit;
			}
		}
		
		$insert = "INSERT INTO nmap_cfg (nmap_type_cfg, nmap_option_name, nmap_cmd_cfg) VALUES ('$nmap_cfg_type', '$nmap_option_name', '$nmap_cmd_cfg')";
		mysql_query($insert) or die (mysql_error());
		echo "<div align='center'><h1>Nmap $nmap_cfg_type option added.</h1></div>";
		$return = $h->get_history_go(-1);
		echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return nmap configuration page</a></h2></div>";
		break;
	}
	
	$query_nmap_conf_scan = mysql_query("SELECT * FROM nmap_cfg WHERE nmap_type_cfg = 'Scan' ORDER BY nmap_cfg_id") or die (mysql_error());
	$query_nmap_conf_sweep = mysql_query("SELECT * FROM nmap_cfg WHERE nmap_type_cfg = 'Sweep' ORDER BY nmap_cfg_id") or die (mysql_error());
	
	#Form to input and update conf
	echo "
	<div class='row'>
	<div align='center'><h1>Change Nmap Options</h1></div>
	<div align='center'><h2>Don't mess here if you don't really know what are you doing.</h2></div>
	<div class='row' style='border-style: solid; border-width: 1px; padding-left: 5px; padding-right: 5px'>
	<div align='center'><h2>Scans&nbsp;<img src='icons/help.png' onmouseover=\"return escape('The available Scan options are listed here: <p>- Polite: Very slow scans. <p>- Normal: Quick scans. <p>- Aggressive: Fatest scans. <p>New scan types can be defined but please, be conscious and don\'t mess here if you don\'t really know what are you doing.')\" border='0'>&nbsp;</h2></div><hr>";
	while ($nmap_conf_scan = mysql_fetch_assoc($query_nmap_conf_scan)) {
		if ( ereg("Polite|Normal|Aggressive",$nmap_conf_scan["nmap_option_name"])) {
			echo "<b>$nmap_conf_scan[nmap_option_name]</b> <br> $nmap_conf_scan[nmap_cmd_cfg]<p>";
		} else {
			$query_used_option = mysql_query ("SELECT range_id AS ident FROM ranges WHERE range_nmap_opts = '$nmap_conf_scan[nmap_cfg_id]' UNION SELECT sensor_id AS ident FROM sensors WHERE sensor_nmap_opts = '$nmap_conf_scan[nmap_cfg_id]';") or die (mysql_error());
			if (mysql_num_rows($query_used_option) != 0) {
				echo "<b>$nmap_conf_scan[nmap_option_name]</b>&nbsp; <a href='config.php?conf=nmap_conf&nmap_cfg_id=$nmap_conf_scan[nmap_cfg_id]&nmap_option_name=$nmap_conf_scan[nmap_option_name]&save=used'><img onmouseover=\"return escape('This scan configuration is in use by a sensor. If you wanna delete, first go to the sensor/range what is using it and change their configuration.<p>Click here to see who is using this configuration.')\" title='In use by' src='icons/in-use.png' align='top' border='0'></a>";
			} else {
				echo "<b>$nmap_conf_scan[nmap_option_name]</b>&nbsp; <a href='config.php?conf=nmap_conf&nmap_cfg_id=$nmap_conf_scan[nmap_cfg_id]&nmap_option_name=$nmap_conf_scan[nmap_option_name]&save=delete'><img onmouseover=\"return escape('Click here to delete this scan configuration.')\" title='Delete' src='icons/delete.png' align='top' border='0'></a>";
			}
			echo "&nbsp;<a href='config.php?conf=nmap_conf&nmap_cfg_id=$nmap_conf_scan[nmap_cfg_id]&save=edit'><img onmouseover=\"return escape('Click here to edit this scan configuration.')\" title='Edit' src='icons/edit.png' align='top' border='0'></a>";
			echo "<br>$nmap_conf_scan[nmap_cmd_cfg]<p>";
		}
	}
	echo "<div align='center'><a href='config.php?conf=nmap_conf&nmap_cfg_type=Scan&save=add'><b>[Add a custom scan config]</b></a></div><p>
	
	</div>
	<div class='row' style='border-style: solid; border-width: 1px; padding-left: 5px; padding-right: 5px'>
	<div align='center'><h2>Sweeps&nbsp;<img src='icons/help.png' onmouseover=\"return escape('The available Sweep options are listed here: <p>- Polite: Very slow sweep. <p>- Normal: Quick sweep. <p>- Aggressive: Fatest sweep. <p>New sweep types can be defined but please, be conscious and don\'t mess here if you don\'t really know what are you doing.')\" border='0'>&nbsp;</h2></div><hr>";
	while ($nmap_conf_sweep = mysql_fetch_assoc($query_nmap_conf_sweep)) {
		if ( ereg("Polite|Normal|Aggressive",$nmap_conf_sweep["nmap_option_name"])) {
			echo "<b>$nmap_conf_sweep[nmap_option_name]</b> <br> $nmap_conf_sweep[nmap_cmd_cfg]<p>";
		} else {
			$query_used_option = mysql_query ("SELECT sensor_id AS ident FROM sensors WHERE sensor_nmap_sweep_opts = '$nmap_conf_sweep[nmap_cfg_id]';") or die (mysql_error());
			if (mysql_num_rows($query_used_option) != 0) {
				echo "<b>$nmap_conf_sweep[nmap_option_name]</b>&nbsp; <a href='config.php?conf=nmap_conf&nmap_cfg_id=$nmap_conf_sweep[nmap_cfg_id]&nmap_option_name=$nmap_conf_sweep[nmap_option_name]&save=used'><img onmouseover=\"return escape('This sweep configuration is in use by a sensor. If you wanna delete, first go to the sensor what is using it and change their configuration.<p>Click here to see who is using this configuration.')\" title='In use by' src='icons/in-use.png' align='top' border='0'></a>";
			} else {
				echo "<b>$nmap_conf_sweep[nmap_option_name]</b>&nbsp; <a href='config.php?conf=nmap_conf&nmap_cfg_id=$nmap_conf_sweep[nmap_cfg_id]&nmap_option_name=$nmap_conf_sweep[nmap_option_name]&save=delete'><img onmouseover=\"return escape('Click here to delete this sweep configuration.')\" title='Delete' src='icons/delete.png' align='top' border='0'></a>";
			}
			echo "&nbsp;<a href='config.php?conf=nmap_conf&nmap_cfg_id=$nmap_conf_sweep[nmap_cfg_id]&save=edit'><img onmouseover=\"return escape('Click here to edit this sweep configuration.')\" title='Edit' src='icons/edit.png' align='top' border='0'></a>";
			echo "<br>$nmap_conf_sweep[nmap_cmd_cfg]<p>";
		}
	}
	echo "<div align='center'><a href='config.php?conf=nmap_conf&nmap_cfg_type=Sweep&save=add'><b>[Add a custom sweep config]</b></a></div><p>
	</div>";
	break;
	
case "plugins":

	# Save data
	$save = "";
	if (isset($_GET["save"]))
	$save = $_GET["save"];

	if ( $save == "save" ) {
		$plugins = mysql_query("SELECT plugin_name AS 'Plugin Name' FROM plugins") or die ('Querry failed: ' . mysql_error());
		while ($plugin = mysql_fetch_assoc($plugins)) {
			$plugin_name_no_spaces = str_replace (" ", "", $plugin['Plugin Name']);
			$pluginstatus = $_GET["$plugin_name_no_spaces"];
			$update = "UPDATE plugins SET status = '$pluginstatus' WHERE plugin_name = '{$plugin['Plugin Name']}' ";
			mysql_query($update) or die ('Querry failed: ' . mysql_error());
		}
		echo "Configuration updated";
		$return = $h->get_history_go(-1);
		echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return Plugin configuration page</a></h2></div>";
		break;
	}
	
	#search for available plugins
	$query = "SELECT plugin_name AS 'Plugin Name',version AS 'Ver.',description AS Description,status AS 'Plugin Status' FROM plugins";
	$plugins = mysql_query($query) or die ('Querry failed: ' . mysql_error());
	$title = "Available plugins";

	echo "<div class='row'>";
	echo "<div align='center'><h1>Cancerbero Plugins configuration</h1></div>";
	echo "<form action='config.php' method='get' onsubmit='return checkform(this);'>";
	draw_table ($title,$query,800);
	echo "<input type='hidden' name='conf' value='plugins'>";
	echo "<p><div align='center'><input class='lowred' type='submit' name='save' value='save'>";
	echo "</div></form></div>";

	break;

case "alerts":
	
	$plugin_name = "";
	if (isset($_GET["plugin_name"]))
	$plugin_name = $_GET["plugin_name"];

	# Save data
	$save = "";
	if (isset($_GET["save"]))
	$save = $_GET["save"];
	
	if ( $save == "save" ) {
		
		$plugin = $_GET["plugin"];
		$alerts = mysql_query("SELECT alert_name AS Name FROM alert_type WHERE plugin_name = '$_GET[plugin]'") or die ('Querry failed: ' . mysql_error());
		while ($alert = mysql_fetch_assoc($alerts)) {
			$alert_name_no_spaces = str_replace (" ", "", $alert['Name']);
			$alertstatus = $_GET["status_$alert_name_no_spaces"];
			$alertlevel = $_GET["level_$alert_name_no_spaces"];
			$update = "UPDATE alert_type SET status = '$alertstatus',alert_level = '$alertlevel' WHERE alert_name = '$alert[Name]'";
			mysql_query($update) or die ('Querry failed: ' . mysql_error());
		}
		
		echo "Configuration updated";
		$return = $h->get_history_go(-1);
		echo "<p>&nbsp;<p><div align='center'><h2><a href='$return'>Return Plugin configuration page</a></h2></div>";
		break;
	}
	
	echo "<div class='row'>";
	echo "<div align='center'><h1>Cancerbero Plugins configuration</h1>";
	$query = "SELECT plugin_name AS PluginName FROM plugins WHERE status = 'on'";
	if (isset($_GET["plugin_name"])) {
		$query .= " AND plugin_name = '$plugin_name'";
	}

	$plugins = mysql_query($query) or die ('Querry failed: ' . mysql_error());
	while ($plugin = mysql_fetch_assoc($plugins)) {
			$title = "<div align='center'>Plugin: $plugin[PluginName] <input class='lowred' type='submit' name='save' value='save'>";
			$query = "SELECT alert_name AS 'Name',alert_level AS 'Alert Level',status AS 'Alert Status' FROM alert_type WHERE plugin_name = '$plugin[PluginName]'";
			$alerts = mysql_query("$query") or die ('Querry failed: ' . mysql_error());
			echo "<form action='config.php' method='get' onsubmit='return checkform(this);'>";
			draw_table ($title,$query,800);
			echo "<input type='hidden' name='plugin' value='$plugin[PluginName]' ";
			echo "<input type='hidden' name='conf' value='alerts'>";
			echo "</form></div><br>";
	}
	echo "</div>";

	break;

default:
	echo "<div class='row'>";
	echo "	<h1>Parameter error</h1>";
	echo "</div>";
	break;
}
?>

	<div class="row">
		&nbsp;
	</div>

</div>
</div>
<script language='JavaScript' type='text/javascript' src='include/wz_tooltip.js'></script>
</body>
</html>
Return current item: Cancerbero - The watchdog of the ports