<?php
//========================================================================
// BEGIN: GET THE INPUT VARIABLES
//========================================================================
// Every value below is fetched through get_input(); only the lookup happens
// here, the format checks follow in the INPUT VALIDATION section.
$date      = get_input('date');
$date2     = get_input('date2');
$time      = get_input('time');
$time2     = get_input('time2');
$limit     = get_input('limit');

// NOTE(review): $topx, $scale and $graphport are never passed to
// validate_input() anywhere in this file - confirm they are validated
// before they reach SQL, HTML output or a graphing call.
$topx      = get_input('topx');
$scale     = get_input('yscale');   // input key is 'yscale', variable is $scale
$graphport = get_input('graphport');

$orderby   = get_input('orderby');
$order     = get_input('order');

// A missing or empty offset falls back to 0.
$offset    = get_input('offset') ?: 0;

$table     = get_input('table');
//========================================================================
// END: GET THE INPUT VARIABLES
//========================================================================
//========================================================================
// BEGIN: INPUT VALIDATION
//========================================================================
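// $inputValError collects the names of the fields that failed validation.
// This file never initialises it, so create it here when the including
// script has not done so; an already populated list is left untouched.
// NOTE(review): the parse*input() helpers presumably append to the same
// list - confirm against their definitions.
if (!isset($inputValError)) {
    $inputValError = array();
}

// Multi-value and address/port fields are checked by their own helpers.
parseinput('host', 'host', true, true);
parseinput('prefix', 'prefix', true, true);
parseinput('protocol', 'protocol', false, false);
parseipinput('sourceip');
parseipinput('destinationip');
parseportinput('sourceport');
parseportinput('destinationport');

// Scalar fields: value, validate_input() rule, name reported on failure and
// whether the check also runs for an empty value. Only the offset is always
// checked; the other fields are optional and skipped when empty.
$inputValChecks = array(
    array($date,    'date',    'date1',   false),
    array($date2,   'date',    'date2',   false),
    array($time,    'time',    'time1',   false),
    array($time2,   'time',    'time2',   false),
    array($limit,   'limit',   'limit',   false),
    array($orderby, 'orderby', 'orderby', false),
    array($order,   'order',   'order',   false),
    array($offset,  'offset',  'offset',  true),
    array($table,   'table',   'table',   false),
);
foreach ($inputValChecks as $inputValCheck) {
    list($checkValue, $checkRule, $checkLabel, $checkAlways) = $inputValCheck;
    if (($checkAlways || $checkValue) && !validate_input($checkValue, $checkRule)) {
        $inputValError[] = $checkLabel;
    }
}
unset($inputValChecks, $inputValCheck, $checkValue, $checkRule, $checkLabel, $checkAlways);

// Fail closed: report the offending fields and stop before any SQL is built.
if ($inputValError) {
    echo 'Input validation error! The following fields had the wrong format:<p>';
    foreach ($inputValError as $value) {
        // Entries added in this file are fixed field names, but the list is
        // shared with code outside this file, so escape before printing.
        echo htmlspecialchars((string) $value, ENT_QUOTES), '<br>';
    }
    require_once(BASE_PATH . '/html_footer.php');
    exit;
}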
//========================================================================
// END: INPUT VALIDATION
//========================================================================
//========================================================================
// BEGIN: BUILD AND EXECUTE SQL STATEMENT
// AND BUILD PARAMETER LIST FOR HTML GETS
//========================================================================
//------------------------------------------------------------------------
// Create WHERE statement and GET parameter list
//------------------------------------------------------------------------
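// $where accumulates the SQL WHERE clause; $ParamsGET accumulates the same
// filters as a query string so that generated links can reproduce the search.
$where = '';
$ParamsGET = '&';

// The *db() helpers are defined elsewhere.
// NOTE(review): they presumably append to $where and $ParamsGET - confirm
// that they escape what they add.
inputdb('host', 'host', 'host', true, true);
inputdb('prefix', 'prefix', 'prefix', true, true);
inputdb('protocol', 'proto', null, false, false);
ipinputdb('sourceip', 'src', false);
ipinputdb('destinationip', 'dst', false);
portinputdb('sourceport', 'spt');
portinputdb('destinationport', 'dpt');
timestampdb('timestamp', null);

// Values are URL-encoded so that '&', '=', '#', quotes or angle brackets in a
// value cannot split the parameter list or break out of a link it is placed in.
if ($table) {
    $ParamsGET .= 'table=' . urlencode((string) $table) . '&';
}
if ($limit) {
    $ParamsGET .= 'limit=' . urlencode((string) $limit) . '&';
}
if ($orderby) {
    $ParamsGET .= 'orderby=' . urlencode((string) $orderby) . '&';
}
if ($order) {
    $ParamsGET .= 'order=' . urlencode((string) $order) . '&';
}
// $pageId is not assigned or validated in this file; !empty() avoids an
// undefined-variable warning when the including script did not set it.
if (!empty($pageId)) {
    $ParamsGET .= 'pageId=' . urlencode((string) $pageId) . '&';
}

// Message filters arrive as numbered variables msg1, msg2, ... with optional
// ExcludeMsgN / RegExpMsgN flags; the loop stops at the first missing msgN.
// NOTE(review): these variables are not created in this file and are not
// passed to validate_input() here - presumably they are request parameters;
// confirm where they are populated.
$msgvarnum = 1;
$msgvarname = 'msg' . $msgvarnum;
$excmsgvarname = 'ExcludeMsg' . $msgvarnum;
$regexpmsgvarname = 'RegExpMsg' . $msgvarnum;
while (isset(${$msgvarname})) {
    if ($where != '') {
        $where .= ' AND ';
    }
    $where .= 'msg ';

    // The flag variables are optional; isset() keeps a missing flag from
    // raising an undefined-variable warning.
    if (isset(${$excmsgvarname}) && ${$excmsgvarname} == 'on') {
        $where .= 'NOT ';
        $ParamsGET .= $excmsgvarname . '=' . urlencode((string) ${$excmsgvarname}) . '&';
    }

    // The message text is placed inside a quoted SQL string literal, so the
    // quote and backslash characters must be escaped or the value can close
    // the literal and alter the statement. addslashes() is a stop-gap because
    // no database handle is visible here; the code that executes $where should
    // move to bound parameters or the driver's own escaping function.
    // NOTE(review): if the value is already escaped upstream this will
    // double-escape it - confirm.
    if (isset(${$regexpmsgvarname}) && ${$regexpmsgvarname} == 'on') {
        $where .= 'RLIKE \'' . addslashes((string) ${$msgvarname}) . '\' ';
        $ParamsGET .= $regexpmsgvarname . '=' . urlencode((string) ${$regexpmsgvarname}) . '&';
    } else {
        $where .= 'LIKE \'%' . addslashes((string) ${$msgvarname}) . '%\' ';
    }

    // The GET copy carries the raw (unescaped for SQL) value, URL-encoded.
    $ParamsGET .= $msgvarname . '=' . urlencode((string) ${$msgvarname}) . '&';

    $msgvarnum++;
    $msgvarname = 'msg' . $msgvarnum;
    $excmsgvarname = 'ExcludeMsg' . $msgvarnum;
    $regexpmsgvarname = 'RegExpMsg' . $msgvarnum;
}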
//------------------------------------------------------------------------
// Create the GET string without host variables
//------------------------------------------------------------------------
// $ParamsGET does not change in this section, so it is split once and every
// piece is tested against each of the four derived strings in turn.
$pieces = explode('&', $ParamsGET);

$hostParamsGET = '';
$prefixParamsGET = '';
$protocolParamsGET = '';
$orderParamsGET = '';

// Target variable => substrings that exclude a piece from that variable.
// NOTE(review): the match is a substring match anywhere in the piece, not a
// match on the parameter name, so a piece whose value happens to contain one
// of these strings is dropped as well - confirm this is intended.
$paramFilters = array(
    'hostParamsGET'     => array('host[]=', 'excludehost=', 'regexphost='),
    'prefixParamsGET'   => array('prefix[]=', 'excludeprefix=', 'regexpprefix='),
    'protocolParamsGET' => array('protocol[]=', 'excludeprotocol='),
    'orderParamsGET'    => array('order=', 'orderby='),
);

foreach ($pieces as $value) {
    // Empty pieces and the paging offset never appear in any derived string.
    if (!$value || strpos($value, 'offset=') !== false) {
        continue;
    }
    foreach ($paramFilters as $filterTarget => $filterNeedles) {
        $filterKeep = true;
        foreach ($filterNeedles as $filterNeedle) {
            if (strpos($value, $filterNeedle) !== false) {
                $filterKeep = false;
                break;
            }
        }
        if ($filterKeep) {
            ${$filterTarget} .= $value . '&';
        }
    }
}
unset($paramFilters, $filterTarget, $filterNeedles, $filterNeedle, $filterKeep);
?>