MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

XML export ... woohoo !!!

pull/61/head
Christophe Vandeplas 2012-03-26 15:06:01 +02:00
parent df7efb9d88
commit 28cf7d44e9
3 changed files with 21 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
app/Controller/EventsController.php
View File

@ -497,7 +497,7 @@ class EventsController extends AppController {
public function xml($key) { public function xml($key) {
// FIXME implement XML output // LATER filter out private events AND private signatures
// check if the key is valid -> search for users based on key // check if the key is valid -> search for users based on key
$this->loadModel('User'); $this->loadModel('User');
// no input sanitization necessary, it's done by model // no input sanitization necessary, it's done by model
@ -506,40 +506,32 @@ class EventsController extends AppController {
throw new UnauthorizedException('Incorrect authentication key'); throw new UnauthorizedException('Incorrect authentication key');
} }
// display the full xml // display the full xml
$this->header('Content-Type: text/xml'); // set the content type $this->response->type('xml'); // set the content type
$this->layout = 'xml/default'; $this->layout = 'xml/default';
// $this->header('Content-Disposition: attachment; filename="cydefsig.xml"'); $this->header('Content-Disposition: inline; filename="cydefsig.xml"');
$conditions = array("Event.alerted" => 1); $conditions = array("Event.alerted" => 1);
$fields = array('Event.id', 'Event.date', 'Event.risk', 'Event.info'); // do not expose all the data like user_id, ...
$fields = array('Event.id', 'Event.date', 'Event.risk', 'Event.info', 'Event.uuid');
if ('true' == Configure::read('CyDefSIG.showorg')) { if ('true' == Configure::read('CyDefSIG.showorg')) {
$fields[] = 'Event.org'; $fields[] = 'Event.org';
} }
// $this->Event->Behaviors->attach('Containable');
// $contain = array('Signature.id', 'Signature.type', 'Signature.value', 'Signature.to_snort');
$params = array('conditions' => $conditions, $params = array('conditions' => $conditions,
'recursive' => 1, 'recursive' => 1,
'fields' => $fields, 'fields' => $fields,
// 'contain' => $contain
); );
$results = $this->Event->find('all', $params); $results = $this->Event->find('all', $params);
/* $xml = Xml::build('<?xml version="1.0" encoding="UTF-8" ?><CyDefSIG></CyDefSIG>'); */ $xmlArray = array();
foreach ($results as $result) {
$myXmlOriginal = '<?xml version="1.0"?><root><child>value</child></root>'; $result['Event']['signature'] = $result['Signature'];
$xml = Xml::build($myXmlOriginal); $xmlArray['CyDefSIG']['event'][] = $result['Event'];
$xml->root->addChild('young', 'new value'); }
// foreach ($results as $result) {
// debug($result);
// $xml->CyDefSIG->addChild('f', 'b');
// debug($xml);
// }
// debug($results);
// $xml= Xml::fromArray(array('event' =>$results), array('format' => 'tags', 'return' => 'domdocument'));
// debug($xml->saveXML());
$xmlObject = Xml::fromArray($xmlArray, array('format' => 'tags')); // You can use Xml::build() too
$xmlString = $xmlObject->asXML();
$this->set('xml', $xmlString);
} }
@ -552,8 +544,8 @@ class EventsController extends AppController {
throw new UnauthorizedException('Incorrect authentication key'); throw new UnauthorizedException('Incorrect authentication key');
} }
// display the full snort rulebase // display the full snort rulebase
$this->header('Content-Type: text/plain'); // set the content type $this->response->type('txt'); // set the content type
$this->header('Content-Disposition: attachment; filename="cydefsig.rules"'); $this->header('Content-Disposition: inline; filename="cydefsig.rules"');
$this->layout = 'text/default'; $this->layout = 'text/default';
$rules= array(); $rules= array();
@ -788,7 +780,8 @@ class EventsController extends AppController {
throw new UnauthorizedException('Incorrect authentication key'); throw new UnauthorizedException('Incorrect authentication key');
} }
$this->header('Content-Type: text/plain'); // set the content type $this->response->type('txt'); // set the content type
$this->header('Content-Disposition: inline; filename="cydefsig.'.$type.'.txt"');
$this->layout = 'text/default'; $this->layout = 'text/default';
$this->loadModel('Signature'); $this->loadModel('Signature');

8
app/View/Events/xml.ctp
View File

@ -1,8 +1,2 @@
<?php <?php
// $xml = Xml::build($events); echo $xml;
//echo $this->Xml->header();
?><?php echo '<?xml version="1.0" encoding="UTF-8" ?><CyDefSIG>';?>
<CyDefSIG>
<?php // echo $this->Xml->serialize($events, array('format' => 'tags')); ?>
<?php // echo Xml::fromArray($events, array('format' => 'tags')); ?>
</CyDefSIG>

2
app/View/Users/news.ctp
View File

@ -5,7 +5,7 @@
A special CSS exists now to give a better layout when printing pages. A special CSS exists now to give a better layout when printing pages.
All the pages should now look a lot better on paper.</p> All the pages should now look a lot better on paper.</p>
<p><b>File upload</b><br/> <p><b>File upload</b><br/>
Andrzej Dereszowski (NCIRC) added the file-uploading functionality. Andrzej Dereszowski (NCIRC) added the file-uploading functionality. Malware samples are password protected with the password <em>infected</em>.
</p> </p>
<p><b>Backend rewrite + security</b><br/> <p><b>Backend rewrite + security</b><br/>
Complete rewrite of the backend code to migrate to CakePHP 2.x (from CakePHP 1.3). <br/> Complete rewrite of the backend code to migrate to CakePHP 2.x (from CakePHP 1.3). <br/>