webinterface.git

modules/freewvs/freewvs.php  1) <?php

modules/webapps/freewvs.php  2) /*
modules/webapps/freewvs.php  3) This file belongs to the Webinterface of schokokeks.org Hosting
modules/webapps/freewvs.php  4) 

modules/webapps/freewvs.php  5) Written 2008-2014 by schokokeks.org Hosting, namely

modules/webapps/freewvs.php  6)   Bernd Wurst <bernd@schokokeks.org>
modules/webapps/freewvs.php  7)   Hanno Böck <hanno@schokokeks.org>
modules/webapps/freewvs.php  8) 
modules/webapps/freewvs.php  9) To the extent possible under law, the author(s) have dedicated all copyright and related and neighboring rights to this software to the public domain worldwide. This software is distributed without any warranty.
modules/webapps/freewvs.php 10) 
modules/webapps/freewvs.php 11) You should have received a copy of the CC0 Public Domain Dedication along with this software. If not, see 
modules/webapps/freewvs.php 12) http://creativecommons.org/publicdomain/zero/1.0/
modules/webapps/freewvs.php 13) 
modules/webapps/freewvs.php 14) Nevertheless, in case you use a significant part of this code, we ask (but not require, see the license) that you keep the authors' names in place and return your changes to the public. We would be especially happy if you tell us what you're going to do with this code.
modules/webapps/freewvs.php 15) */

modules/freewvs/freewvs.php 16) 
modules/freewvs/freewvs.php 17) require_once('session/start.php');

modules/freewvs/freewvs.php 18) 
modules/freewvs/freewvs.php 19) require_once('freewvs.php');

modules/webapps/freewvs.php 20) require_once('webapp-installer.php');

modules/freewvs/freewvs.php 21) 

modules/freewvs/freewvs.php 22) require_role(array(ROLE_SYSTEMUSER));
modules/freewvs/freewvs.php 23) 

modules/webapps/freewvs.php 24) title("Prüfung Ihrer Web-Anwendungen");
modules/webapps/freewvs.php 25) 

modules/freewvs/freewvs.php 26) $uid = (int) $_SESSION['userinfo']['uid'];
modules/freewvs/freewvs.php 27) 

modules/webapps/freewvs.php 28) if (isset($_POST['freq']) && in_array($_POST['freq'],array("day","week","month"))) {

modules/freewvs/freewvs.php 29)   check_form_token('freewvs_freq'); 

modules/webapps/freewvs.php 30)   $args = array(":uid" => $uid, ":freq" => $_POST['freq']);
modules/webapps/freewvs.php 31) 	db_query("REPLACE INTO qatools.freewvs (user,freq) VALUES (:uid,:freq)", $args);

modules/freewvs/freewvs.php 32) 	header("Location: freewvs");

modules/freewvs/freewvs.php 33) 	die();
modules/freewvs/freewvs.php 34) }
modules/freewvs/freewvs.php 35) 

modules/webapps/freewvs.php 36) $result = db_query("SELECT freq FROM qatools.v_freewvs WHERE uid=?", array($uid));

modules/webapps/freewvs.php 37) $result=$result->fetch();

modules/freewvs/freewvs.php 38) $freq=$result['freq'];
modules/freewvs/freewvs.php 39) 

modules/webapps/freewvs.php 40) headline('Überprüfung Ihrer Web-Anwendungen auf Sicherheitslücken');

modules/freewvs/freewvs.php 41) 
modules/freewvs/freewvs.php 42) output('<p>Das Programm freewvs prüft automatisch regelmäßig Ihre Web-Anwendungen (z.B. Blog-Software, Content-Management-Systeme, ...) auf bekannte Sicherheitsprobleme. Sie können festlegen, wie oft Sie bei gefundenen Problemen benachrichtigt werden möchten.</p>
modules/freewvs/freewvs.php 43) <p><strong>Wie oft möchten Sie über Sicherheitsprobleme benachrichtigt werden?</strong></p>

modules/webapps/freewvs.php 44) '.html_form('freewvs_freq', 'freewvs', '', '<p>'.html_select('freq', array('day' => 'täglich', 'week' => 'höchstens einmal pro Woche', 'month' => 'höchstens einmal pro Monat'), $freq).' &#160; <input type="submit" value="speichern" /></p>'));

modules/freewvs/freewvs.php 45) 
modules/freewvs/freewvs.php 46) $results = load_results();
modules/freewvs/freewvs.php 47) 
modules/freewvs/freewvs.php 48) output('<h3>Aktuell installierte Web-Anwendungen</h3>
modules/freewvs/freewvs.php 49) <p>Die folgenden Web-Anwendungen wurden beim letzten Programmdurchlauf gefunden. Diese Liste wird i.d.R. täglich aktualisiert.</p>');
modules/freewvs/freewvs.php 50) foreach ($results AS $app) {

modules/webapps/freewvs.php 51)   $url = get_url_for_dir($app['directory']);

modules/freewvs/freewvs.php 52)   output("<div class='freewvs freewvs-{$app['state']}'>\n");
modules/freewvs/freewvs.php 53)   if ($app['state'] == 'ok') {
modules/freewvs/freewvs.php 54)     output("<img src='{$prefix}images/ok.png' />\n");
modules/freewvs/freewvs.php 55)     output("<p><strong>{$app['appname']} {$app['version']}</strong></p>\n");

modules/webapps/freewvs.php 56)     output("<p>Gefunden in {$app['directory']} (<a href=\"{$url}\">{$url}</a>)</p>\n");

modules/webapps/freewvs.php 57)     output("<p>Diese Anwendung hat keine allgemein bekannten Sicherheitsprobleme.</p>\n");

modules/freewvs/freewvs.php 58)   }
modules/freewvs/freewvs.php 59)   else {
modules/freewvs/freewvs.php 60)     $vulnlink = $app['vulninfo'];

modules/freewvs/freewvs.php 61)     $doclink = get_upgradeinstructions($app['appname']);

modules/freewvs/freewvs.php 62)     if (substr($vulnlink, 0, 3) == 'CVE') {
modules/freewvs/freewvs.php 63)       $vulnlink = 'http://cve.mitre.org/cgi-bin/cvename.cgi?name='.$vulnlink;
modules/freewvs/freewvs.php 64)     }
modules/freewvs/freewvs.php 65)     output("<img src='{$prefix}images/error.png' />\n");
modules/freewvs/freewvs.php 66)     output("<p><strong>{$app['appname']} {$app['version']}</strong></p>\n");

modules/webapps/freewvs.php 67)     output("<p>Gefunden in {$app['directory']} (<a href=\"{$url}\">{$url}</a>)</p>\n");

modules/freewvs/freewvs.php 68)     if ($app['safeversion'] != '') {
modules/freewvs/freewvs.php 69)       output("<p>Diese Anwendung ist von Sicherheits-Problemen betroffen. Ein <strong>Update auf Version {$app['safeversion']}</strong> wird dringend empfohlen. Prüfen Sie anhand der unten genannten Referenz welche Gefahren von dieser Anwendung momentan ausgehen.</p>\n");
modules/freewvs/freewvs.php 70)     } else {
modules/freewvs/freewvs.php 71)       output("<p>Diese Anwendung ist von Sicherheits-Problemen betroffen. Leider gibt es <strong>momentan keine aktualisierte Version</strong>. Prüfen Sie bitte anhand der unten genannten Beschreibung des Problem die möglichen Gefahren eines weiteren Betriebs dieser Anwendung.</p>\n");
modules/freewvs/freewvs.php 72)     }
modules/freewvs/freewvs.php 73)     output("<p><strong>Referenz zu diesem Sicherheitsproblem: <a href='{$vulnlink}'>{$app['vulninfo']}</a></strong></p>");

modules/freewvs/freewvs.php 74)     if ($doclink != NULL)

modules/webapps/freewvs.php 75)       output('<p><strong>Hinweis:</strong> Um Ihnen das Upgrade leichter zu machen, möchten wir Sie auf eine <a href="'.$doclink.'">deutschsprachige Upgrade-Anleitung</a> aufmerksam machen.</p>'."\n");
modules/webapps/freewvs.php 76)     $up = upgradeable($app['appname'], $app['version']);
modules/webapps/freewvs.php 77)     if ($up)
modules/webapps/freewvs.php 78)     {

modules/webapps/freewvs.php 79)       if (directory_in_use($app['directory']))
modules/webapps/freewvs.php 80)         output('<p><em>Automatische Update-Aktion heute nicht mehr möglich</em></p>');
modules/webapps/freewvs.php 81)       else
modules/webapps/freewvs.php 82)         output('<p>'.internal_link('requestupdate', 'Update automatisch durchführen', "dir={$app['directory']}&app={$up}")."</p>\n");

modules/webapps/freewvs.php 83)     }