dcc202fb249a446ac15c7cf413b9f1b4a3f31b58
bernd initiales freewvs-modul

bernd authored 17 years ago

modules/freewvs/freewvs.php  1) <?php
Bernd Wurst Added license tags for CC0,...

Bernd Wurst authored 12 years ago

modules/webapps/freewvs.php  2) /*
modules/webapps/freewvs.php  3) This file belongs to the Webinterface of schokokeks.org Hosting
modules/webapps/freewvs.php  4) 
Hanno Böck Change license from CC0 to...

Hanno Böck authored 2 years ago

modules/webapps/freewvs.php  5) Written by schokokeks.org Hosting, namely
Bernd Wurst Added license tags for CC0,...

Bernd Wurst authored 12 years ago

modules/webapps/freewvs.php  6)   Bernd Wurst <bernd@schokokeks.org>
modules/webapps/freewvs.php  7)   Hanno Böck <hanno@schokokeks.org>
modules/webapps/freewvs.php  8) 
Hanno Böck Change license from CC0 to...

Hanno Böck authored 2 years ago

modules/webapps/freewvs.php  9) This code is published under a 0BSD license.
Bernd Wurst Added license tags for CC0,...

Bernd Wurst authored 12 years ago

modules/webapps/freewvs.php 10) 
modules/webapps/freewvs.php 11) Nevertheless, in case you use a significant part of this code, we ask (but not require, see the license) that you keep the authors' names in place and return your changes to the public. We would be especially happy if you tell us what you're going to do with this code.
modules/webapps/freewvs.php 12) */
bernd initiales freewvs-modul

bernd authored 17 years ago

modules/freewvs/freewvs.php 13) 
modules/freewvs/freewvs.php 14) require_once('session/start.php');
bernd Zeige Freewvs-Resultate an

bernd authored 16 years ago

modules/freewvs/freewvs.php 15) 
modules/freewvs/freewvs.php 16) require_once('freewvs.php');
bernd * alle internen Links sinnv...

bernd authored 15 years ago

modules/webapps/freewvs.php 17) require_once('webapp-installer.php');
bernd Zeige Freewvs-Resultate an

bernd authored 16 years ago

modules/freewvs/freewvs.php 18) 
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

modules/webapps/freewvs.php 19) require_role([ROLE_SYSTEMUSER]);
bernd initiales freewvs-modul

bernd authored 17 years ago

modules/freewvs/freewvs.php 20) 
bernd Benutze überall title() sta...

bernd authored 14 years ago

modules/webapps/freewvs.php 21) title("Prüfung Ihrer Web-Anwendungen");
modules/webapps/freewvs.php 22) 
bernd initiales freewvs-modul

bernd authored 17 years ago

modules/freewvs/freewvs.php 23) $uid = (int) $_SESSION['userinfo']['uid'];
modules/freewvs/freewvs.php 24) 
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

modules/webapps/freewvs.php 25) if (isset($_POST['freq']) && in_array($_POST['freq'], ["day","week","month"])) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

modules/webapps/freewvs.php 26)     check_form_token('freewvs_freq');
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

modules/webapps/freewvs.php 27)     $args = [":uid" => $uid, ":freq" => $_POST['freq']];
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

modules/webapps/freewvs.php 28)     db_query("REPLACE INTO qatools.freewvs (user,freq) VALUES (:uid,:freq)", $args);
modules/webapps/freewvs.php 29)     header("Location: freewvs");
modules/webapps/freewvs.php 30)     die();
bernd initiales freewvs-modul

bernd authored 17 years ago

modules/freewvs/freewvs.php 31) }
modules/freewvs/freewvs.php 32) 
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

modules/webapps/freewvs.php 33) $result = db_query("SELECT freq FROM qatools.v_freewvs WHERE uid=?", [$uid]);
Bernd Wurst Umstellung auf PDO-Datenban...

Bernd Wurst authored 10 years ago

modules/webapps/freewvs.php 34) $result=$result->fetch();
bernd initiales freewvs-modul

bernd authored 17 years ago

modules/freewvs/freewvs.php 35) $freq=$result['freq'];
modules/freewvs/freewvs.php 36) 
bernd Benutze überall title() sta...

bernd authored 14 years ago

modules/webapps/freewvs.php 37) headline('Überprüfung Ihrer Web-Anwendungen auf Sicherheitslücken');
bernd Zeige Freewvs-Resultate an

bernd authored 16 years ago

modules/freewvs/freewvs.php 38) 
Bernd Wurst Umformulierungen im Bereich...

Bernd Wurst authored 9 years ago

modules/webapps/freewvs.php 39) output('<p>Bei '.config('company_name').' werden die von Ihnen installierten Web-Anwendungen (z.B. Blog-Software, Content-Management-Systeme, ...) regelmäßig automatisch auf bekannte Sicherheitsprobleme untersucht. Sie erhalten jeweils umgehend eine Nachricht, wenn wir gefährdete Anwendungen finden. Zudem werden wir Sie regelmäßig an bestehende Sicherheitslücken erinnern.</p>
modules/webapps/freewvs.php 40) <p><strong>Wie häufig möchten Sie an bestehende Sicherheitsprobleme erinnert werden?</strong></p>
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

modules/webapps/freewvs.php 41) '.html_form('freewvs_freq', 'freewvs', '', '<p>'.html_select('freq', ['day' => 'täglich', 'week' => 'einmal pro Woche', 'month' => 'einmal pro Monat'], $freq).' &#160; <input type="submit" value="speichern" /></p>'));
bernd Zeige Freewvs-Resultate an

bernd authored 16 years ago

modules/freewvs/freewvs.php 42) 
modules/freewvs/freewvs.php 43) $results = load_results();
modules/freewvs/freewvs.php 44) 
modules/freewvs/freewvs.php 45) output('<h3>Aktuell installierte Web-Anwendungen</h3>
modules/freewvs/freewvs.php 46) <p>Die folgenden Web-Anwendungen wurden beim letzten Programmdurchlauf gefunden. Diese Liste wird i.d.R. täglich aktualisiert.</p>');
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

modules/webapps/freewvs.php 47) foreach ($results as $app) {
modules/webapps/freewvs.php 48)     $url = get_url_for_dir($app['directory']);
modules/webapps/freewvs.php 49)     output("<div class='freewvs freewvs-{$app['state']}'>\n");
modules/webapps/freewvs.php 50)     if ($app['state'] == 'ok') {
modules/webapps/freewvs.php 51)         output("<img src='{$prefix}images/ok.png' />\n");
modules/webapps/freewvs.php 52)         output("<p><strong>{$app['appname']} {$app['version']}</strong></p>\n");
Hanno Böck XSS in freewvs dirs

Hanno Böck authored 5 years ago

modules/webapps/freewvs.php 53)         output("<p>Gefunden in ".filter_output_html($app['directory'])." (<a href=\"{$url}\">{$url}</a>)</p>\n");
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

modules/webapps/freewvs.php 54)         output("<p>Diese Anwendung hat keine allgemein bekannten Sicherheitsprobleme.</p>\n");
bernd Zeige Freewvs-Resultate an

bernd authored 16 years ago

modules/freewvs/freewvs.php 55)     } else {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

modules/webapps/freewvs.php 56)         $vulnlink = $app['vulninfo'];
modules/webapps/freewvs.php 57)         $doclink = get_upgradeinstructions($app['appname']);
modules/webapps/freewvs.php 58)         if (substr($vulnlink, 0, 3) == 'CVE') {
modules/webapps/freewvs.php 59)             $vulnlink = 'https://cve.mitre.org/cgi-bin/cvename.cgi?name='.$vulnlink;
modules/webapps/freewvs.php 60)         }
modules/webapps/freewvs.php 61)         output("<img src='{$prefix}images/error.png' />\n");
modules/webapps/freewvs.php 62)         output("<p><strong>{$app['appname']} {$app['version']}</strong></p>\n");
Hanno Böck XSS in freewvs dirs

Hanno Böck authored 5 years ago

modules/webapps/freewvs.php 63)         output("<p>Gefunden in ".filter_output_html($app['directory'])." (<a href=\"{$url}\">{$url}</a>)</p>\n");
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

modules/webapps/freewvs.php 64)         if ($app['safeversion'] != '') {
modules/webapps/freewvs.php 65)             output("<p>Diese Anwendung ist von Sicherheits-Problemen betroffen. Ein <strong>Update auf Version {$app['safeversion']}</strong> wird dringend empfohlen. Prüfen Sie anhand der unten genannten Referenz welche Gefahren von dieser Anwendung momentan ausgehen.</p>\n");
modules/webapps/freewvs.php 66)         } else {
modules/webapps/freewvs.php 67)             output("<p>Diese Anwendung ist von Sicherheits-Problemen betroffen. Leider gibt es <strong>momentan keine aktualisierte Version</strong>. Prüfen Sie bitte anhand der unten genannten Beschreibung des Problem die möglichen Gefahren eines weiteren Betriebs dieser Anwendung.</p>\n");
modules/webapps/freewvs.php 68)         }
modules/webapps/freewvs.php 69)         output("<p><strong>Referenz zu diesem Sicherheitsproblem: <a href='{$vulnlink}'>{$app['vulninfo']}</a></strong></p>");
modules/webapps/freewvs.php 70)         if ($doclink != null) {
modules/webapps/freewvs.php 71)             output('<p><strong>Hinweis:</strong> Um Ihnen das Upgrade leichter zu machen, möchten wir Sie auf eine <a href="'.$doclink.'">deutschsprachige Upgrade-Anleitung</a> aufmerksam machen.</p>'."\n");
modules/webapps/freewvs.php 72)         }
modules/webapps/freewvs.php 73)         $up = upgradeable($app['appname'], $app['version']);
modules/webapps/freewvs.php 74)         if ($up) {
modules/webapps/freewvs.php 75)             if (directory_in_use($app['directory'])) {
modules/webapps/freewvs.php 76)                 output('<p><em>Automatische Update-Aktion heute nicht mehr möglich</em></p>');
modules/webapps/freewvs.php 77)             } else {
modules/webapps/freewvs.php 78)                 output('<p>'.internal_link('requestupdate', 'Update automatisch durchführen', "dir={$app['directory']}&app={$up}")."</p>\n");
modules/webapps/freewvs.php 79)             }
modules/webapps/freewvs.php 80)         }
bernd * alle internen Links sinnv...

bernd authored 15 years ago

modules/webapps/freewvs.php 81)     }
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

modules/webapps/freewvs.php 82)     output("</div>\n");
modules/webapps/freewvs.php 83)     #output("<tr><td>{$app['appname']} ({$app['version']})</td><td>{$app['state']}</td></tr>");