MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

Merge branch 'hotfix-2.3.160'

pull/727/head v2.3.161
iglocska 2015-11-17 01:17:55 +01:00
parent 63915ab714 332d5fa666
commit 8a5f725547
34 changed files with 282 additions and 282 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Controller/AppController.php
View File

@ -85,7 +85,7 @@ class AppController extends Controller {
// Let us access $baseurl from all views
$baseurl = Configure::read('MISP.baseurl');
$this->set('baseurl', $baseurl);
$this->set('baseurl', h($baseurl));
// send users away that are using ancient versions of IE
// Make sure to update this if IE 20 comes out :)

2
app/View/Attributes/alternate_search_result.ctp
View File

@ -16,7 +16,7 @@
foreach ($events as $event) {
?>
<tr>
<td class="short"><a href="<?php echo h($baseurl);?>/events/view/<?php echo (h($event['Event']['id'])); ?>"><?php echo (h($event['Event']['id'])); ?></a></td>
<td class="short"><a href="<?php echo $baseurl;?>/events/view/<?php echo (h($event['Event']['id'])); ?>"><?php echo (h($event['Event']['id'])); ?></a></td>
<td class="short">
<?php
$imgRelativePath = 'orgs' . DS . h($event['Event']['orgc']) . '.png';

22
app/View/Attributes/index.ctp
View File

@ -59,7 +59,7 @@ foreach ($attributes as $attribute):
?>
<tr>
<td class="short">
<div ondblclick="document.location='<?php echo h($baseurl)?>/events/view/<?php echo $attribute['Event']['id'];?>';" title="<?php echo h($attribute['Event']['info']); ?>">
<div ondblclick="document.location='<?php echo $baseurl?>/events/view/<?php echo $attribute['Event']['id'];?>';" title="<?php echo h($attribute['Event']['info']); ?>">
<?php
if ($attribute['Event']['orgc'] == $me['org']) {
$style='style="color:red;"';
@ -68,11 +68,11 @@ foreach ($attributes as $attribute):
}
$currentCount++;
?>
<a href="<?php echo h($baseurl);?>/events/view/<?php echo $attribute['Event']['id'];?>" <?php echo $style;?>><?php echo $attribute['Event']['id'];?></a>
<a href="<?php echo $baseurl;?>/events/view/<?php echo $attribute['Event']['id'];?>" <?php echo $style;?>><?php echo $attribute['Event']['id'];?></a>
</div>
</td>
<?php if (Configure::read('MISP.showorg') || $isAdmin): ?>
<td class="short" ondblclick="document.location.href ='<?php echo h($baseurl);?>/events/view/<?php echo $attribute['Event']['id'];?>'">
<td class="short" ondblclick="document.location.href ='<?php echo $baseurl;?>/events/view/<?php echo $attribute['Event']['id'];?>'">
<?php
$imgRelativePath = 'orgs' . DS . h($attribute['Event']['orgc']) . '.png';
$imgAbsolutePath = APP . WEBROOT_DIR . DS . 'img' . DS . $imgRelativePath;
@ -82,26 +82,26 @@ foreach ($attributes as $attribute):
&nbsp;
</td>
<?php endif;?>
<td title="<?php echo $categoryDefinitions[$attribute['Attribute']['category']]['desc'];?>" class="short" ondblclick="document.location='<?php echo h($baseurl);?>/events/view/<?php echo $attribute['Event']['id'];?>';">
<td title="<?php echo $categoryDefinitions[$attribute['Attribute']['category']]['desc'];?>" class="short" ondblclick="document.location='<?php echo $baseurl;?>/events/view/<?php echo $attribute['Event']['id'];?>';">
<?php echo h($attribute['Attribute']['category']); ?>&nbsp;</td>
<td title="<?php if (isset($typeDefinitions[$attribute['Attribute']['type']])) echo $typeDefinitions[$attribute['Attribute']['type']]['desc'];?>" class="short" ondblclick="document.location='<?php echo h($baseurl);?>/events/view/<?php echo $attribute['Event']['id'];?>';">
<td title="<?php if (isset($typeDefinitions[$attribute['Attribute']['type']])) echo $typeDefinitions[$attribute['Attribute']['type']]['desc'];?>" class="short" ondblclick="document.location='<?php echo $baseurl;?>/events/view/<?php echo $attribute['Event']['id'];?>';">
<?php echo h($attribute['Attribute']['type']); ?>&nbsp;</td>
<td class="showspaces" ondblclick="document.location='<?php echo h($baseurl);?>/events/view/<?php echo $attribute['Event']['id'];?>';"><?php
<td class="showspaces" ondblclick="document.location='<?php echo $baseurl;?>/events/view/<?php echo $attribute['Event']['id'];?>';"><?php
$sigDisplay = nl2br(h($attribute['Attribute']['value']));
if ($isSearch == 1 && !empty($replacePairs)) {
// highlight the keywords if there are any
$sigDisplay = $this->Highlight->highlighter($sigDisplay, $replacePairs);
}
if ('attachment' == $attribute['Attribute']['type'] || 'malware-sample' == $attribute['Attribute']['type']) {
?><a href="<?php echo h($baseurl);?>/attributes/download/<?php echo $attribute['Attribute']['id'];?>"><?php echo $sigDisplay; ?></a><?php
?><a href="<?php echo $baseurl;?>/attributes/download/<?php echo $attribute['Attribute']['id'];?>"><?php echo $sigDisplay; ?></a><?php
} elseif ('link' == $attribute['Attribute']['type']) {
?><a href="<?php echo h($baseurl).h($attribute['Attribute']['value']);?>"><?php echo $sigDisplay; ?></a><?php
?><a href="<?php echo $baseurl.h($attribute['Attribute']['value']);?>"><?php echo $sigDisplay; ?></a><?php
} else {
echo $sigDisplay;
}
?>
</td>
<td ondblclick="document.location ='document.location ='<?php echo h($baseurl);?>/events/view/<?php echo $attribute['Event']['id'];?>';">
<td ondblclick="document.location ='document.location ='<?php echo $baseurl;?>/events/view/<?php echo $attribute['Event']['id'];?>';">
<?php
$sigDisplay = nl2br(h($attribute['Attribute']['comment']));
if ($isSearch == 1 && !empty($replacePairs)) {
@ -116,11 +116,11 @@ foreach ($attributes as $attribute):
</td>
<td class="short action-links"><?php
if ($isAdmin || ($isAclModify && $attribute['Event']['user_id'] == $me['id']) || ($isAclModifyOrg && $attribute['Event']['org'] == $me['org'])) {
?><a href="<?php echo h($baseurl);?>/attributes/edit/<?php echo $attribute['Attribute']['id'];?>" class="icon-edit" title="Edit"></a><?php
?><a href="<?php echo $baseurl;?>/attributes/edit/<?php echo $attribute['Attribute']['id'];?>" class="icon-edit" title="Edit"></a><?php
echo $this->Form->postLink('',array('action' => 'delete', $attribute['Attribute']['id']), array('class' => 'icon-trash', 'title' => 'Delete'), __('Are you sure you want to delete this attribute?'));
}
?>
<a href="<?php echo h($baseurl);?>/events/view/<?php echo $attribute['Attribute']['event_id'];?>" class="icon-list-alt" title="View"></a>
<a href="<?php echo $baseurl;?>/events/view/<?php echo $attribute['Attribute']['event_id'];?>" class="icon-list-alt" title="View"></a>
</td>
</tr>
<?php

4
app/View/Elements/ajaxTags.ctp
View File

@ -4,9 +4,9 @@
foreach ($tags as $tag): ?>
<td style="padding-right:0px;">
<?php if ($isAclTagger): ?>
<a href="<?php echo h($baseurl);?>/events/index/searchtag:<?php echo h($tag['Tag']['id']); ?>" class="tagFirstHalf" style="background-color:<?php echo h($tag['Tag']['colour']);?>;color:<?php echo $this->TextColour->getTextColour($tag['Tag']['colour']);?>"><?php echo h($tag['Tag']['name']); ?></a>
<a href="<?php echo $baseurl;?>/events/index/searchtag:<?php echo h($tag['Tag']['id']); ?>" class="tagFirstHalf" style="background-color:<?php echo h($tag['Tag']['colour']);?>;color:<?php echo $this->TextColour->getTextColour($tag['Tag']['colour']);?>"><?php echo h($tag['Tag']['name']); ?></a>
<?php else: ?>
<a href="<?php echo h($baseurl);?>/events/index/searchtag:<?php echo h($tag['Tag']['id']); ?>" class=tag style="background-color:<?php echo h($tag['Tag']['colour']);?>;color:<?php echo $this->TextColour->getTextColour($tag['Tag']['colour']);?>"><?php echo h($tag['Tag']['name']); ?></a>
<a href="<?php echo $baseurl;?>/events/index/searchtag:<?php echo h($tag['Tag']['id']); ?>" class=tag style="background-color:<?php echo h($tag['Tag']['colour']);?>;color:<?php echo $this->TextColour->getTextColour($tag['Tag']['colour']);?>"><?php echo h($tag['Tag']['name']); ?></a>
<?php endif; ?>
</td>
<?php if ($isAclTagger): ?>

4
app/View/Elements/eventattribute.ctp
View File

@ -254,12 +254,12 @@
if ($object['objectType'] == 0) {
if ($isSiteAdmin || !$mayModify) {
?>
<a href="<?php echo h($baseurl);?>/shadow_attributes/edit/<?php echo $object['id']; ?>" title="Propose Edit" class="icon-share useCursorPointer"></a>
<a href="<?php echo $baseurl;?>/shadow_attributes/edit/<?php echo $object['id']; ?>" title="Propose Edit" class="icon-share useCursorPointer"></a>
<?php
}
if ($isSiteAdmin || $mayModify) {
?>
<a href="<?php echo h($baseurl);?>/attributes/edit/<?php echo $object['id']; ?>" title="Edit" class="icon-edit useCursorPointer"></a>
<a href="<?php echo $baseurl;?>/attributes/edit/<?php echo $object['id']; ?>" title="Edit" class="icon-edit useCursorPointer"></a>
<span class="icon-trash useCursorPointer" onClick="deleteObject('attributes', 'delete', '<?php echo $object['id']; ?>', '<?php echo $event['Event']['id']; ?>');"></span>
<?php
}

4
app/View/Elements/eventattributerow.ctp
View File

@ -142,12 +142,12 @@ if ($object['objectType'] == 1) {
if ($object['objectType'] == 0) {
if ($isSiteAdmin || $mayModify) {
?>
<a href="<?php echo h($baseurl)."/attributes/edit/".$object['id']; ?>" title="Edit" class="icon-edit useCursorPointer"></a>
<a href="<?php echo $baseurl."/attributes/edit/".$object['id']; ?>" title="Edit" class="icon-edit useCursorPointer"></a>
<span class="icon-trash useCursorPointer" onClick="deleteObject('attributes', 'delete', '<?php echo $object['id']; ?>', '<?php echo $event['Event']['id']; ?>');"></span>
<?php
} else {
?>
<a href="<?php echo h($baseurl)."/shadow_attributes/edit/".$object['id']; ?>" title="Propose Edit" class="icon-edit useCursorPointer"></a>
<a href="<?php echo $baseurl."/shadow_attributes/edit/".$object['id']; ?>" title="Propose Edit" class="icon-edit useCursorPointer"></a>
<?php
}
} else {

4
app/View/Elements/eventdiscussion.ctp
View File

@ -87,14 +87,14 @@
echo $this->Form->postLink('', array('controller' => 'posts', 'action' => 'delete', h($post['Post']['id'])), array('class' => 'icon-trash', 'title' => 'Delete'), __('Are you sure you want to delete this post?'));
} else {
?>
<a href="<?php echo h($baseurl).'/posts/add/post/'.h($post['Post']['id']); ?>" class="icon-comment" title = "Reply"></a>
<a href="<?php echo $baseurl.'/posts/add/post/'.h($post['Post']['id']); ?>" class="icon-comment" title = "Reply"></a>
<?php
}
} else {
echo $this->Html->link('', array('controller' => 'posts', 'action' => 'edit', h($post['Post']['id'])), array('class' => 'icon-edit', 'title' => 'Edit'));
echo $this->Form->postLink('', array('controller' => 'posts', 'action' => 'delete', h($post['Post']['id'])), array('class' => 'icon-trash', 'title' => 'Delete'), __('Are you sure you want to delete this post?'));
?>
<a href = "<?php echo h($baseurl).'/posts/add/post/'.h($post['Post']['id']); ?>" class="icon-comment" title = "Reply"></a>
<a href = "<?php echo $baseurl.'/posts/add/post/'.h($post['Post']['id']); ?>" class="icon-comment" title = "Reply"></a>
<?php
}

88
app/View/Elements/global_menu.ctp
View File

@ -11,37 +11,37 @@
<?php if ($me != false ):?>
<div class="nav-collapse collapse">
<ul class="nav">
<li><a href="<?php echo h($baseurl);?>" style="color:white">Home</a></li>
<li><a href="<?php echo $baseurl;?>" style="color:white">Home</a></li>
<li class="dropdown">
<a class="dropdown-toggle" data-toggle="dropdown" href="#">
Event Actions
<b class="caret"></b>
</a>
<ul class="dropdown-menu">
<li><a href="<?php echo h($baseurl);?>/events/index">List Events</a></li>
<li><a href="<?php echo $baseurl;?>/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li><a href="<?php echo h($baseurl);?>/events/add">Add Event</a></li>
<li><a href="<?php echo $baseurl;?>/events/add">Add Event</a></li>
<?php endif; ?>
<li class="divider"></li>
<li><a href="<?php echo h($baseurl);?>/attributes/index">List Attributes</a></li>
<li><a href="<?php echo h($baseurl);?>/attributes/search">Search Attributes</a></li>
<li><a href="<?php echo $baseurl;?>/attributes/index">List Attributes</a></li>
<li><a href="<?php echo $baseurl;?>/attributes/search">Search Attributes</a></li>
<li class="divider"></li>
<li><a href="<?php echo h($baseurl);?>/shadow_attributes/index">View Proposals</a></li>
<li><a href="<?php echo h($baseurl);?>/events/proposalEventIndex">Events with proposals</a></li>
<li><a href="<?php echo $baseurl;?>/shadow_attributes/index">View Proposals</a></li>
<li><a href="<?php echo $baseurl;?>/events/proposalEventIndex">Events with proposals</a></li>
<li class="divider"></li>
<li><a href="<?php echo h($baseurl);?>/tags/index">List Tags</a></li>
<li><a href="<?php echo $baseurl;?>/tags/index">List Tags</a></li>
<?php if ($isAclTagger): ?>
<li><a href="<?php echo h($baseurl);?>/tags/add">Add Tag</a></li>
<li><a href="<?php echo $baseurl;?>/tags/add">Add Tag</a></li>
<?php endif; ?>
<li class="divider"></li>
<li><a href="<?php echo h($baseurl);?>/templates/index">List Templates</a></li>
<li><a href="<?php echo $baseurl;?>/templates/index">List Templates</a></li>
<?php if ($isAclTemplate): ?>
<li><a href="<?php echo h($baseurl);?>/templates/add">Add Template</a></li>
<li><a href="<?php echo $baseurl;?>/templates/add">Add Template</a></li>
<?php endif; ?>
<li class="divider"></li>
<li><a href="<?php echo h($baseurl);?>/events/export">Export</a></li>
<li><a href="<?php echo $baseurl;?>/events/export">Export</a></li>
<?php if ($isAclAuth): ?>
<li><a href="<?php echo h($baseurl);?>/events/automation">Automation</a></li>
<li><a href="<?php echo $baseurl;?>/events/automation">Automation</a></li>
<?php endif;?>
</ul>
@ -54,12 +54,12 @@
</a>
<ul class="dropdown-menu">
<?php if ($isAclRegexp): ?>
<li><a href="<?php echo h($baseurl);?>/admin/regexp/index">Import Regexp</a></li>
<li><a href="<?php echo h($baseurl);?>/admin/whitelists/index">Signature Whitelist</a></li>
<li><a href="<?php echo $baseurl;?>/admin/regexp/index">Import Regexp</a></li>
<li><a href="<?php echo $baseurl;?>/admin/whitelists/index">Signature Whitelist</a></li>
<?php endif;?>
<?php if (!$isAclRegexp): ?>
<li><a href="<?php echo h($baseurl);?>/regexp/index">Import Regexp</a></li>
<li><a href="<?php echo h($baseurl);?>/whitelists/index">Signature Whitelist</a></li>
<li><a href="<?php echo $baseurl;?>/regexp/index">Import Regexp</a></li>
<li><a href="<?php echo $baseurl;?>/whitelists/index">Signature Whitelist</a></li>
<?php endif;?>
</ul>
</li>
@ -70,14 +70,14 @@
<b class="caret"></b>
</a>
<ul class="dropdown-menu">
<li><a href="<?php echo h($baseurl);?>/users/view/me">My Profile</a></li>
<li><a href="<?php echo h($baseurl);?>/users/memberslist">Members List</a></li>
<li><a href="<?php echo h($baseurl);?>/roles/index">Role Permissions</a></li>
<li><a href="<?php echo h($baseurl);?>/pages/display/doc/quickstart">User Guide</a></li>
<li><a href="<?php echo h($baseurl);?>/users/terms">Terms &amp; Conditions</a></li>
<li><a href="<?php echo h($baseurl);?>/users/statistics">Statistics</a></li>
<li><a href="<?php echo $baseurl;?>/users/view/me">My Profile</a></li>
<li><a href="<?php echo $baseurl;?>/users/memberslist">Members List</a></li>
<li><a href="<?php echo $baseurl;?>/roles/index">Role Permissions</a></li>
<li><a href="<?php echo $baseurl;?>/pages/display/doc/quickstart">User Guide</a></li>
<li><a href="<?php echo $baseurl;?>/users/terms">Terms &amp; Conditions</a></li>
<li><a href="<?php echo $baseurl;?>/users/statistics">Statistics</a></li>
<li class="divider"></li>
<li><a href="<?php echo h($baseurl);?>/users/logout">Log out</a></li>
<li><a href="<?php echo $baseurl;?>/users/logout">Log out</a></li>
</ul>
</li>
@ -88,7 +88,7 @@
<b class="caret"></b>
</a>
<ul class="dropdown-menu">
<li><a href="<?php echo h($baseurl);?>/servers/index">List Servers</a></li>
<li><a href="<?php echo $baseurl;?>/servers/index">List Servers</a></li>
</ul>
</li>
<?php endif;?>
@ -100,28 +100,28 @@
<b class="caret"></b>
</a>
<ul class="dropdown-menu">
<li><a href="<?php echo h($baseurl);?>/admin/users/add">New User</a></li>
<li><a href="<?php echo h($baseurl);?>/admin/users/index">List Users</a></li>
<li><a href="<?php echo h($baseurl);?>/admin/users/email">Contact Users</a></li>
<li><a href="<?php echo $baseurl;?>/admin/users/add">New User</a></li>
<li><a href="<?php echo $baseurl;?>/admin/users/index">List Users</a></li>
<li><a href="<?php echo $baseurl;?>/admin/users/email">Contact Users</a></li>
<li class="divider"></li>
<?php if($isSiteAdmin): ?>
<li><a href="<?php echo h($baseurl);?>/admin/roles/add">New Role</a></li>
<li><a href="<?php echo $baseurl;?>/admin/roles/add">New Role</a></li>
<?php endif; ?>
<li><a href="<?php echo h($baseurl);?>/admin/roles/index">List Roles</a></li>
<li><a href="<?php echo $baseurl;?>/admin/roles/index">List Roles</a></li>
<?php if($isSiteAdmin): ?>
<li class="divider"></li>
<li><a href="<?php echo h($baseurl);?>/pages/display/administration">Administrative tools</a></li>
<li><a href="<?php echo h($baseurl);?>/servers/serverSettings">Server settings</a></li>
<li><a href="<?php echo $baseurl;?>/pages/display/administration">Administrative tools</a></li>
<li><a href="<?php echo $baseurl;?>/servers/serverSettings">Server settings</a></li>
<?php if (Configure::read('MISP.background_jobs')): ?>
<li class="divider"></li>
<li><a href="<?php echo h($baseurl);?>/jobs/index">Jobs</a></li>
<li><a href="<?php echo $baseurl;?>/jobs/index">Jobs</a></li>
<li class="divider"></li>
<li><a href="<?php echo h($baseurl);?>/tasks">Scheduled Tasks</a></li>
<li><a href="<?php echo $baseurl;?>/tasks">Scheduled Tasks</a></li>
<?php endif; ?>
<?php if (Configure::read('MISP.enableEventBlacklisting') && $isSiteAdmin): ?>
<li class="divider"></li>
<li><a href="<?php echo h($baseurl);?>/eventBlacklists/add">Blacklist Event</a></li>
<li><a href="<?php echo h($baseurl);?>/eventBlacklists">Manage Event Blacklists</a></li>
<li><a href="<?php echo $baseurl;?>/eventBlacklists/add">Blacklist Event</a></li>
<li><a href="<?php echo $baseurl;?>/eventBlacklists">Manage Event Blacklists</a></li>
<?php endif; ?>
<?php endif; ?>
</ul>
@ -135,8 +135,8 @@
<b class="caret"></b>
</a>
<ul class="dropdown-menu">
<li><a href="<?php echo h($baseurl);?>/admin/logs/index">List Logs</a></li>
<li><a href="<?php echo h($baseurl);?>/admin/logs/search">Search Logs</a></li>
<li><a href="<?php echo $baseurl;?>/admin/logs/index">List Logs</a></li>
<li><a href="<?php echo $baseurl;?>/admin/logs/search">Search Logs</a></li>
</ul>
</li>
<?php endif;?>
@ -146,8 +146,8 @@
<b class="caret"></b>
</a>
<ul class="dropdown-menu">
<li><a href="<?php echo h($baseurl);?>/threads/index">List Discussions</a></li>
<li><a href="<?php echo h($baseurl);?>/posts/add">Start Discussion</a></li>
<li><a href="<?php echo $baseurl;?>/threads/index">List Discussions</a></li>
<li><a href="<?php echo $baseurl;?>/posts/add">Start Discussion</a></li>
</ul>
</li>
</ul>
@ -155,7 +155,7 @@
<div class="nav-collapse collapse pull-right">
<ul class="nav">
<li>
<a href="<?php echo h($baseurl);?>/events/proposalEventIndex" <?php if ($proposalCount > 0) echo 'style="font-weight:bold;"'; ?>>
<a href="<?php echo $baseurl;?>/events/proposalEventIndex" <?php if ($proposalCount > 0) echo 'style="font-weight:bold;"'; ?>>
<?php
$proposalPluralOrZero = 's';
if ($proposalCount == 1) $proposalPluralOrZero = '';
@ -166,17 +166,17 @@
</a>
</li>
<li>
<a href="<?php echo h($baseurl);?>/" id="fullLogo" style="font-weight:bold;">
<a href="<?php echo $baseurl;?>/" id="fullLogo" style="font-weight:bold;">
<span class="logoBlueStatic">M</span><span class="logoGray">alware</span>
<span class="logoBlueStatic">I</span><span class="logoGray">nformation </span>
<span class="logoBlueStatic">S</span><span class="logoGray">haring</span>
<span class="logoBlueStatic">P</span><span class="logoGray">latform</span>
</a>
<a href="<?php echo h($baseurl);?>/" id="smallLogo" style="display:none;font-weight:bold;">
<a href="<?php echo $baseurl;?>/" id="smallLogo" style="display:none;font-weight:bold;">
<span class="logoBlueStatic">MISP</span>
</a>
</li>
<li><a href="<?php echo h($baseurl);?>/users/logout">Log out</a></li>
<li><a href="<?php echo $baseurl;?>/users/logout">Log out</a></li>
</ul>
</div>
<?php endif;?>

2
app/View/Elements/healthElements/diagnostics.ctp
View File

@ -141,7 +141,7 @@
<?php
if ($sessionStatus < 2):
?>
<a href="<?php echo h($baseurl);?>/servers/purgeSessions"><span class="btn btn-inverse" style="padding-top:1px;padding-bottom:1px;">Purge sessions</span></a>
<a href="<?php echo $baseurl;?>/servers/purgeSessions"><span class="btn btn-inverse" style="padding-top:1px;padding-bottom:1px;">Purge sessions</span></a>
<?php
endif;
?>

12
app/View/Elements/healthElements/tabs.ctp
View File

@ -1,6 +1,6 @@
<div class="tabMenuFixedContainer">
<span class="tabMenuFixed tabMenuFixedLeft tabMenuSides">
<a href="<?php echo h($baseurl);?>/servers/serverSettings/" id="create-button" title="Modify filters" class="discrete">Overview</a>
<a href="<?php echo $baseurl;?>/servers/serverSettings/" id="create-button" title="Modify filters" class="discrete">Overview</a>
</span>
<?php
$i = 0;
@ -12,7 +12,7 @@
if ($tab['severity'] == 0) $severity = 'style="color:red;"';
?>
<span class="tabMenuFixed tabMenuFixedLeft <?php echo h($extra); ?> tabMenuSides">
<a href="<?php echo h($baseurl)."/servers/serverSettings/".h($k); ?>" id="create-button" title="Modify filters" class="discrete">
<a href="<?php echo $baseurl."/servers/serverSettings/".h($k); ?>" id="create-button" title="Modify filters" class="discrete">
<?php
echo h($label);
if ($tab['errors'] > 0) echo '<span ' . $severity . '> (' . $tab['errors'] . ')</span>';
@ -24,7 +24,7 @@
endforeach;
?>
<span class="tabMenuFixed tabMenuFixedCenter tabMenuSides" style="margin-left:50px;">
<a href="<?php echo h($baseurl);?>/servers/serverSettings/diagnostics" id="create-button" title="Modify filters" class="discrete">
<a href="<?php echo $baseurl;?>/servers/serverSettings/diagnostics" id="create-button" title="Modify filters" class="discrete">
Diagnostics
<?php
if ($diagnostic_errors > 0) echo '<span style="color:red;"> (' . $diagnostic_errors . ')</span>';
@ -33,7 +33,7 @@
</span>
<?php if (!empty($worker_array)): ?>
<span class="tabMenuFixed tabMenuFixedCenter tabMenuSides" style="margin-left:10px;">
<a href="<?php echo h($baseurl);?>/servers/serverSettings/workers" id="create-button" title="Modify filters" class="discrete">
<a href="<?php echo $baseurl;?>/servers/serverSettings/workers" id="create-button" title="Modify filters" class="discrete">
Workers
<?php
if ($workerIssueCount > 0) echo '<span style="color:red;"> (' . $workerIssueCount . ')</span>';
@ -42,9 +42,9 @@
</span>
<?php endif; ?>
<span class="tabMenuFixed tabMenuFixedCenter tabMenuSides" style="margin-left:10px;">
<a href="<?php echo h($baseurl);?>/servers/serverSettings/files" id="download-button" title="Manage files" class="discrete">Manage files</a>
<a href="<?php echo $baseurl;?>/servers/serverSettings/files" id="download-button" title="Manage files" class="discrete">Manage files</a>
</span>
<span class="tabMenuFixed tabMenuFixedCenter tabMenuSides" style="margin-left:10px;">
<a href="<?php echo h($baseurl);?>/servers/serverSettings/download" id="download-button" title="Download report" class="useCursorPointer discrete icon-download-alt"></a>
<a href="<?php echo $baseurl;?>/servers/serverSettings/download" id="download-button" title="Download report" class="useCursorPointer discrete icon-download-alt"></a>
</span>
</div>

84
app/View/Elements/side_menu.ctp
View File

@ -14,23 +14,23 @@
if ($isAclPublish) $mayPublish = true;
}
?>
<li <?php if ($menuItem === 'viewEvent') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/events/view/<?php echo $event['Event']['id'];?>">View Event</a></li>
<li <?php if ($menuItem === 'eventLog') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/logs/event_index/<?php echo $event['Event']['id'];?>">View Event History</a></li>
<li <?php if ($menuItem === 'viewEvent') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/events/view/<?php echo $event['Event']['id'];?>">View Event</a></li>
<li <?php if ($menuItem === 'eventLog') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/logs/event_index/<?php echo $event['Event']['id'];?>">View Event History</a></li>
<li class="divider"></li>
<?php if ($isSiteAdmin || (isset($mayModify) && $mayModify)): ?>
<li <?php if ($menuItem === 'editEvent') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/events/edit/<?php echo $event['Event']['id'];?>">Edit Event</a></li>
<li <?php if ($menuItem === 'editEvent') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/events/edit/<?php echo $event['Event']['id'];?>">Edit Event</a></li>
<li><?php echo $this->Form->postLink('Delete Event', array('action' => 'delete', $event['Event']['id']), null, __('Are you sure you want to delete # %s?', $event['Event']['id'])); ?></li>
<li <?php if ($menuItem === 'addAttribute') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/attributes/add/<?php echo $event['Event']['id'];?>">Add Attribute</a></li>
<li <?php if ($menuItem === 'addAttachment') echo 'class="active"';;?>><a href="<?php echo h($baseurl);?>/attributes/add_attachment/<?php echo $event['Event']['id'];?>">Add Attachment</a></li>
<li <?php if ($menuItem === 'addIOC') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/events/addIOC/<?php echo $event['Event']['id'];?>">Populate from OpenIOC</a></li>
<li <?php if ($menuItem === 'addThreatConnect') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/attributes/add_threatconnect/<?php echo $event['Event']['id']; ?>">Populate from ThreatConnect</a></li>
<li <?php if ($menuItem === 'addAttribute') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/attributes/add/<?php echo $event['Event']['id'];?>">Add Attribute</a></li>
<li <?php if ($menuItem === 'addAttachment') echo 'class="active"';;?>><a href="<?php echo $baseurl;?>/attributes/add_attachment/<?php echo $event['Event']['id'];?>">Add Attachment</a></li>
<li <?php if ($menuItem === 'addIOC') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/events/addIOC/<?php echo $event['Event']['id'];?>">Populate from OpenIOC</a></li>
<li <?php if ($menuItem === 'addThreatConnect') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/attributes/add_threatconnect/<?php echo $event['Event']['id']; ?>">Populate from ThreatConnect</a></li>
<?php if ($menuItem === 'populateFromtemplate'): ?>
<li class="active"><a href="<?php echo h($baseurl);?>/templates/populateEventFromTemplate/<?php echo $template_id . '/' . $event['Event']['id']; ?>">Populate From Template</a></li>
<li class="active"><a href="<?php echo $baseurl;?>/templates/populateEventFromTemplate/<?php echo $template_id . '/' . $event['Event']['id']; ?>">Populate From Template</a></li>
<?php endif; ?>
<?php endif; ?>
<?php if (($isSiteAdmin && (!isset($mayModify) || !$mayModify)) || (!isset($mayModify) || !$mayModify)): ?>
<li <?php if ($menuItem === 'proposeAttribute') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/shadow_attributes/add/<?php echo $event['Event']['id'];?>">Propose Attribute</a></li>
<li <?php if ($menuItem === 'proposeAttachment') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/shadow_attributes/add_attachment/<?php echo $event['Event']['id'];?>">Propose Attachment</a></li>
<li <?php if ($menuItem === 'proposeAttribute') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/shadow_attributes/add/<?php echo $event['Event']['id'];?>">Propose Attribute</a></li>
<li <?php if ($menuItem === 'proposeAttachment') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/shadow_attributes/add_attachment/<?php echo $event['Event']['id'];?>">Propose Attachment</a></li>
<?php endif; ?>
<li class="divider"></li>
<?php
@ -39,39 +39,39 @@
if (isset($event['Event']['published']) && 0 == $event['Event']['published'] && ($isAdmin || (isset($mayPublish) && $mayPublish))) $publishButtons = "";
if (isset($event['Event']['published']) && $event['Event']['published']) $exportButtons = "";
?>
<li<?php echo $publishButtons; ?> class="publishButtons"><a href="<?php echo h($baseurl);?>#" onClick="publishPopup('<?php echo $event['Event']['id']; ?>', 'alert')">Publish Event</a></li>
<li<?php echo $publishButtons; ?> class="publishButtons"><a href="<?php echo h($baseurl);?>#" onClick="publishPopup('<?php echo $event['Event']['id']; ?>', 'publish')">Publish (no email)</a></li>
<li<?php echo $publishButtons; ?> class="publishButtons"><a href="<?php echo $baseurl;?>#" onClick="publishPopup('<?php echo $event['Event']['id']; ?>', 'alert')">Publish Event</a></li>
<li<?php echo $publishButtons; ?> class="publishButtons"><a href="<?php echo $baseurl;?>#" onClick="publishPopup('<?php echo $event['Event']['id']; ?>', 'publish')">Publish (no email)</a></li>
<li <?php if ($menuItem === 'contact') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/events/contact/<?php echo $event['Event']['id'];?>">Contact Reporter</a></li>
<li <?php if ($menuItem === 'contact') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/events/contact/<?php echo $event['Event']['id'];?>">Contact Reporter</a></li>
<li><a onClick="getPopup('<?php echo $event['Event']['id']; ?>', 'events', 'exportChoice');" style="cursor:pointer;">Download as...</a></li>
<li class="divider"></li>
<li><a href="<?php echo h($baseurl);?>/events/index">List Events</a></li>
<li><a href="<?php echo $baseurl;?>/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li><a href="<?php echo h($baseurl);?>/events/add">Add Event</a></li>
<li><a href="<?php echo $baseurl;?>/events/add">Add Event</a></li>
<?php endif;
break;
case 'event-collection': ?>
<li <?php if ($menuItem === 'index') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/events/index">List Events</a></li>
<li <?php if ($menuItem === 'index') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li <?php if ($menuItem === 'add') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/events/add">Add Event</a></li>
<li <?php if ($menuItem === 'addXML') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/events/add_xml">Add MISP XML</a></li>
<li <?php if ($menuItem === 'add') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/events/add">Add Event</a></li>
<li <?php if ($menuItem === 'addXML') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/events/add_xml">Add MISP XML</a></li>
<?php endif; ?>
<li class="divider"></li>
<li <?php if ($menuItem === 'listAttributes') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/attributes/index">List Attributes</a></li>
<li <?php if ($menuItem === 'searchAttributes' || $menuItem === 'searchAttributes2') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/attributes/search">Search Attributes</a></li>
<li <?php if ($menuItem === 'listAttributes') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/attributes/index">List Attributes</a></li>
<li <?php if ($menuItem === 'searchAttributes' || $menuItem === 'searchAttributes2') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/attributes/search">Search Attributes</a></li>
<?php if ($menuItem == 'searchAttributes2'): ?>
<li class="divider"></li>
<li><a href="<?php echo h($baseurl);?>/events/downloadSearchResult">Download results as XML</a></li>
<li><a href="<?php echo h($baseurl);?>/events/csv/download/search">Download results as CSV</a></li>
<li><a href="<?php echo $baseurl;?>/events/downloadSearchResult">Download results as XML</a></li>
<li><a href="<?php echo $baseurl;?>/events/csv/download/search">Download results as CSV</a></li>
<?php endif; ?>
<li class="divider"></li>
<li <?php if ($menuItem === 'viewProposals') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/shadow_attributes/index">View Proposals</a></li>
<li <?php if ($menuItem === 'viewProposalIndex') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/events/proposalEventIndex">Events with proposals</a></li>
<li <?php if ($menuItem === 'viewProposals') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/shadow_attributes/index">View Proposals</a></li>
<li <?php if ($menuItem === 'viewProposalIndex') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/events/proposalEventIndex">Events with proposals</a></li>
<li class="divider"></li>
<li <?php if ($menuItem === 'export') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/events/export">Export</a></li>
<li <?php if ($menuItem === 'export') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/events/export">Export</a></li>
<?php if ($isAclAuth): ?>
<li <?php if ($menuItem === 'automation') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/events/automation">Automation</a></li>
<li <?php if ($menuItem === 'automation') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/events/automation">Automation</a></li>
<?php endif;
break;
@ -107,12 +107,12 @@
<li <?php if ($menuItem === 'edit') echo 'class="active"';?>><?php echo $this->Html->link(__('Edit User', true), array('action' => 'edit', $user['User']['id'])); ?></li>
<li class="divider"></li>
<?php endif; ?>
<li <?php if ($menuItem === 'view') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/users/view/me">My Profile</a></li>
<li <?php if ($menuItem === 'members') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/users/memberslist">Members List</a></li>
<li <?php if ($menuItem === 'roles') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/roles/index">Role Permissions</a></li>
<li <?php if ($menuItem === 'userGuide') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/pages/display/doc/general">User Guide</a></li>
<li <?php if ($menuItem === 'terms') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/users/terms">Terms &amp; Conditions</a></li>
<li <?php if ($menuItem === 'statistics') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/users/statistics">Statistics</a></li>
<li <?php if ($menuItem === 'view') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/users/view/me">My Profile</a></li>
<li <?php if ($menuItem === 'members') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/users/memberslist">Members List</a></li>
<li <?php if ($menuItem === 'roles') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/roles/index">Role Permissions</a></li>
<li <?php if ($menuItem === 'userGuide') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/pages/display/doc/general">User Guide</a></li>
<li <?php if ($menuItem === 'terms') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/users/terms">Terms &amp; Conditions</a></li>
<li <?php if ($menuItem === 'statistics') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/users/statistics">Statistics</a></li>
<?php
break;
@ -154,17 +154,17 @@
<li <?php if ($menuItem === 'indexRole') echo 'class="active"';?>><?php echo $this->Html->link('List Roles', array('controller' => 'roles', 'action' => 'index', 'admin' => true)); ?> </li>
<?php if ($isSiteAdmin): ?>
<li class="divider"></li>
<li <?php if ($menuItem === 'adminTools') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/pages/display/administration">Administrative Tools</a></li>
<li <?php if ($menuItem === 'serverSettings') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/servers/serverSettings">Server Settings</a></li>
<li <?php if ($menuItem === 'adminTools') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/pages/display/administration">Administrative Tools</a></li>
<li <?php if ($menuItem === 'serverSettings') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/servers/serverSettings">Server Settings</a></li>
<li class="divider"></li>
<?php if (Configure::read('MISP.background_jobs')): ?>
<li <?php if ($menuItem === 'jobs') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/jobs/index">Jobs</a></li>
<li <?php if ($menuItem === 'jobs') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/jobs/index">Jobs</a></li>
<li class="divider"></li>
<li <?php if ($menuItem === 'tasks') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/tasks">Scheduled Tasks</a></li>
<li <?php if ($menuItem === 'tasks') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/tasks">Scheduled Tasks</a></li>
<?php endif;
if (Configure::read('MISP.enableEventBlacklisting')): ?>
<li <?php if ($menuItem === 'eventBlacklistsAdd') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/eventBlacklists/add">Blacklists Event</a></li>
<li <?php if ($menuItem === 'eventBlacklists') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/eventBlacklists">Manage Event Blacklists</a></li>
<li <?php if ($menuItem === 'eventBlacklistsAdd') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/eventBlacklists/add">Blacklists Event</a></li>
<li <?php if ($menuItem === 'eventBlacklists') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/eventBlacklists">Manage Event Blacklists</a></li>
<?php endif;
endif;
break;
@ -211,16 +211,16 @@
break;
case 'templates': ?>
<li <?php if ($menuItem === 'index') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/templates/index">List Templates</a></li>
<li <?php if ($menuItem === 'index') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/templates/index">List Templates</a></li>
<?php if ($isSiteAdmin || $isAclTemplate): ?>
<li <?php if ($menuItem === 'add') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/templates/add">Add Template</a></li>
<li <?php if ($menuItem === 'add') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/templates/add">Add Template</a></li>
<?php
endif;
if (($menuItem === 'view' || $menuItem === 'edit')):
?>
<li <?php if ($menuItem === 'view') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/templates/view/<?php echo $id; ?>">View Template</a></li>
<li <?php if ($menuItem === 'view') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/templates/view/<?php echo $id; ?>">View Template</a></li>
<?php if ($mayModify): ?>
<li <?php if ($menuItem === 'edit') echo 'class="active"';?>><a href="<?php echo h($baseurl);?>/templates/edit/<?php echo $id; ?>">Edit Template</a></li>
<li <?php if ($menuItem === 'edit') echo 'class="active"';?>><a href="<?php echo $baseurl;?>/templates/edit/<?php echo $id; ?>">Edit Template</a></li>
<?php
endif;
endif;

2
app/View/Errors/error400.ctp
View File

@ -36,7 +36,7 @@ else:
This happens usually when you try to resubmit the same form with invalidated CSRF tokens or you had a form open too long and the CSRF tokens simply expired. Just go back to the previous page and refresh the form (by reloading the same url) so that the tokens get refreshed.
</p>
<p>
Alternatively, click <a href="<?php echo h($baseurl);?>">here</a> to continue to the start page.
Alternatively, click <a href="<?php echo $baseurl;?>">here</a> to continue to the start page.
</p>
<?php
if (Configure::read('debug') > 0):

2
app/View/EventBlacklists/index.ctp
View File

@ -35,7 +35,7 @@ foreach ($response as $item): ?>
<td class="short"><?php echo (isset($item['EventBlacklist']['event_info']) ? h($item['EventBlacklist']['event_info']) : '&nbsp;'); ?></td>
<td class="short"><?php echo (isset($item['EventBlacklist']['comment']) ? h($item['EventBlacklist']['comment']) : '&nbsp;'); ?></td>
<td class="short action-links">
<a href="<?php echo h($baseurl);?>/eventBlacklists/edit/<?php echo h($item['EventBlacklist']['id']); ?>"><span class="icon-edit" title="edit">&nbsp;</span></a>
<a href="<?php echo $baseurl;?>/eventBlacklists/edit/<?php echo h($item['EventBlacklist']['id']); ?>"><span class="icon-edit" title="edit">&nbsp;</span></a>
<?php echo $this->Form->postLink('', array('action' => 'delete', h($item['EventBlacklist']['id'])), array('class' => 'icon-trash', 'title' => 'Delete'), __('Are you sure you want to delete the blacklist entry for the event UUID %s?', h($item['EventBlacklist']['event_uuid']))); ?>
</td>
</tr><?php

96
app/View/Events/automation.ctp
View File

@ -13,18 +13,18 @@ You can <?php echo $this->Html->link('reset', array('controller' => 'users', 'ac
<h3>XML Export</h3>
<p>An automatic export of all events and attributes <small>(except file attachments)</small> is available under a custom XML format.</p>
<p>You can configure your tools to automatically download the following file:</p>
<pre><?php echo h($baseurl);?>/events/xml/download</pre>
<pre><?php echo $baseurl;?>/events/xml/download</pre>
<p>If you only want to fetch a specific event append the eventid number:</p>
<pre><?php echo h($baseurl);?>/events/xml/download/1</pre>
<pre><?php echo $baseurl;?>/events/xml/download/1</pre>
<p>You can post an XML or JSON object containing additional parameters in the following formats:</p>
<p>JSON:</p>
<pre><?php echo h($baseurl);?>/events/xml/download.json</pre>
<pre><?php echo $baseurl;?>/events/xml/download.json</pre>
<code>{"request": {"eventid":["!51","!62"],"withAttachment":false,"tags":["APT1","!OSINT"],"from":false,"to":"2015-02-15"}}</code><br /><br />
<p>XML:</p>
<pre><?php echo h($baseurl);?>/events/xml/download</pre>
<pre><?php echo $baseurl;?>/events/xml/download</pre>
<code>&lt;request&gt;&lt;eventid&gt;!51&lt;/eventid&gt;&lt;eventid&gt;!62&lt;/eventid&gt;&lt;withAttachment&gt;false&lt;/withAttachment&gt;&lt;tags&gt;APT1&lt;/tags&gt;&lt;tags&gt;!OSINT&lt;/tags&gt;&lt;from&gt;false&lt;/from&gt;&lt;to&gt;2015-02-15&lt;/to&gt;&lt;/request&gt;</code><br /><br />
<p>The xml download also accepts two additional the following optional parameters in the url: </p>
<pre><?php echo h($baseurl);?>/events/xml/download/[eventid]/[withattachments]/[tags]/[from]/[to]/[last]</pre>
<pre><?php echo $baseurl;?>/events/xml/download/[eventid]/[withattachments]/[tags]/[from]/[to]/[last]</pre>
<p>
<b>eventid</b>: Restrict the download to a single event<br />
<b>withattachments</b>: A boolean field that determines whether attachments should be encoded and a second parameter that controls the eligible tags. <br />
@ -32,21 +32,21 @@ You can <?php echo $this->Html->link('reset', array('controller' => 'users', 'ac
You can also chain several tag commands together with the '&amp;&amp;' operator. Please be aware the colons (:) cannot be used in the tag search.
Use semicolons instead (the search will automatically search for colons instead). For example, to include tag1 and tag2 but exclude tag3 you would use:<br />
</p>
<pre><?php echo h($baseurl);?>/events/xml/download/false/true/tag1&amp;&amp;tag2&amp;&amp;!tag3</pre>
<pre><?php echo $baseurl;?>/events/xml/download/false/true/tag1&amp;&amp;tag2&amp;&amp;!tag3</pre>
<p>
<b>from</b>: Events with the date set to a date after the one specified in the from field (format: 2015-02-15)<br />
<b>to</b>: Events with the date set to a date before the one specified in the to field (format: 2015-02-15)<br />
<b>last</b>: Events published within the last x amount of time, where x can be defined in days, hours, minutes (for example 5d or 12h or 30m)<br />
</p>
<p>The keywords false or null should be used for optional empty parameters in the URL.</p>
<p>Also check out the <a href="<?php echo h($baseurl);?>/pages/display/doc/using_the_system#rest">User Guide</a> to read about the REST API.</p>
<p>Also check out the <a href="<?php echo $baseurl;?>/pages/display/doc/using_the_system#rest">User Guide</a> to read about the REST API.</p>
<p></p>
<h3>CSV Export</h3>
<p>An automatic export of attributes is available as CSV. Only attributes that are flagged "to_ids" will get exported.</p>
<p>You can configure your tools to automatically download the following file:</p>
<pre><?php echo h($baseurl);?>/events/csv/download/</pre>
<pre><?php echo $baseurl;?>/events/csv/download/</pre>
<p>You can specify additional flags for CSV exports as follows::</p>
<pre><?php echo h($baseurl);?>/events/csv/download/[eventid]/[ignore]/[tags]/[category]/[type]/[includeContext]/[from]/[to]/[last]</pre>
<pre><?php echo $baseurl;?>/events/csv/download/[eventid]/[ignore]/[tags]/[category]/[type]/[includeContext]/[from]/[to]/[last]</pre>
<p>
<b>eventid</b>: Restrict the download to a single event<br />
<b>ignore</b>: Setting this flag to true will include attributes that are not marked "to_ids".<br />
@ -55,7 +55,7 @@ You can also chain several tag commands together with the '&amp;&amp;' operator.
Use semicolons instead (the search will automatically search for colons instead). For example, to include tag1 and tag2 but exclude tag3 you would use:<br />
</p>
<p>For example, to only download a csv generated of the "domain" type and the "Network activity" category attributes all events except for the one and further restricting it to events that are tagged "tag1" or "tag2" but not "tag3", only allowing attributes that are IDS flagged use the following syntax:</p>
<pre><?php echo h($baseurl);?>/events/csv/download/false/false/tag1&amp;&amp;tag2&amp;&amp;!tag3/Network%20activity/domain</pre>
<pre><?php echo $baseurl;?>/events/csv/download/false/false/tag1&amp;&amp;tag2&amp;&amp;!tag3/Network%20activity/domain</pre>
<p>
<b>category</b>: The attribute category, any valid MISP attribute category is accepted.<br />
<b>type</b>: The attribute type, any valid MISP attribute type is accepted.<br />
@ -66,15 +66,15 @@ Use semicolons instead (the search will automatically search for colons instead)
</p>
<p>The keywords false or null should be used for optional empty parameters in the URL.</p>
<p>To export the attributes of all events that are of the type "domain", use the following syntax:</p>
<pre><?php echo h($baseurl);?>/events/csv/download/false/false/false/false/domain</pre>
<pre><?php echo $baseurl;?>/events/csv/download/false/false/false/false/domain</pre>
<h3>NIDS rules export</h3>
<p>Automatic export of all network related attributes is available under the Snort rule format. Only <em>published</em> events and attributes marked as <em>IDS Signature</em> are exported.</p>
<p>You can configure your tools to automatically download the following file:</p>
<pre><?php echo h($baseurl);?>/events/nids/suricata/download
<?php echo h($baseurl);?>/events/nids/snort/download</pre>
<pre><?php echo $baseurl;?>/events/nids/suricata/download
<?php echo $baseurl;?>/events/nids/snort/download</pre>
<p>The full API syntax is as follows:</p>
<pre><?php echo h($baseurl);?>/events/nids/[format]/download/[eventid]/[frame]/[tags]/[from]/[to]/[last]</pre>
<pre><?php echo $baseurl;?>/events/nids/[format]/download/[eventid]/[frame]/[tags]/[from]/[to]/[last]</pre>
<p>
<b>format</b>: The export format, can be "suricata" or "snort"<br />
<b>eventid</b>: Restrict the download to a single event<br />
@ -82,29 +82,29 @@ Use semicolons instead (the search will automatically search for colons instead)
<b>tags</b>: To include a tag in the results just write its names into this parameter. To exclude a tag prepend it with a '!'.
You can also chain several tag commands together with the '&amp;&amp;' operator. Please be aware the colons (:) cannot be used in the tag search.
Use semicolons instead (the search will automatically search for colons instead). For example, to include tag1 and tag2 but exclude tag3 you would use:<br />
<pre><?php echo h($baseurl);?>/events/nids/snort/download/false/false/tag1&amp;&amp;tag2&amp;&amp;!tag3</pre>
<pre><?php echo $baseurl;?>/events/nids/snort/download/false/false/tag1&amp;&amp;tag2&amp;&amp;!tag3</pre>
<b>from</b>: Events with the date set to a date after the one specified in the from field (format: 2015-02-15)<br />
<b>to</b>: Events with the date set to a date before the one specified in the to field (format: 2015-02-15)<br />
<b>last</b>: Events published within the last x amount of time, where x can be defined in days, hours, minutes (for example 6d or 12h or 30m)<br />
<p>The keywords false or null should be used for optional empty parameters in the URL.</p>
<p>An example for a suricata export for all events excluding those tagged tag1, without all of the commented information at the start of the file would look like this:</p>
<pre><?php echo h($baseurl);?>/events/nids/suricata/download/null/true/!tag1</pre>
<pre><?php echo $baseurl;?>/events/nids/suricata/download/null/true/!tag1</pre>
<p>Administration is able to maintain a white-list containing host, domain name and IP numbers to exclude from the NIDS export.</p>
<h3>Hash database export</h3>
<p>Automatic export of MD5/SHA1 checksums contained in file-related attributes. This list can be used to feed forensic software when searching for suspicious files. Only <em>published</em> events and attributes marked as <em>IDS Signature</em> are exported.</p>
<p>You can configure your tools to automatically download the following files:</p>
<h4>md5</h4>
<pre><?php echo h($baseurl);?>/events/hids/md5/download</pre>
<pre><?php echo $baseurl;?>/events/hids/md5/download</pre>
<h4>sha1</h4>
<pre><?php echo h($baseurl);?>/events/hids/sha1/download</pre>
<pre><?php echo $baseurl;?>/events/hids/sha1/download</pre>
<p>The API's full format is as follows: </p>
<pre><?php echo h($baseurl);?>/events/hids/[format]/download/[tags]/[from]/[to]/[last]</pre>
<pre><?php echo $baseurl;?>/events/hids/[format]/download/[tags]/[from]/[to]/[last]</pre>
<b>format</b>: The export format, can be "md5" or "sha1"<br />
<b>tags</b>: To include a tag in the results just write its names into this parameter. To exclude a tag prepend it with a '!'.
You can also chain several tag commands together with the '&amp;&amp;' operator. Please be aware the colons (:) cannot be used in the tag search.
Use semicolons instead (the search will automatically search for colons instead). For example, to include tag1 and tag2 but exclude tag3 you would use:<br />
<pre><?php echo h($baseurl);?>/events/hids/md5/download/tag1&amp;&amp;tag2&amp;&amp;!tag3</pre>
<pre><?php echo $baseurl;?>/events/hids/md5/download/tag1&amp;&amp;tag2&amp;&amp;!tag3</pre>
<p>
<b>from</b>: Events with the date set to a date after the one specified in the from field (format: 2015-02-15)<br />
<b>to</b>: Events with the date set to a date before the one specified in the to field (format: 2015-02-15)<br />
@ -112,13 +112,13 @@ Use semicolons instead (the search will automatically search for colons instead)
</p>
<p>The keywords false or null should be used for optional empty parameters in the URL.</p>
<p>For example, to only show sha1 values from events tagged tag1, use:</p>
<pre><?php echo h($baseurl);?>/events/hids/sha1/download/tag1</pre>
<pre><?php echo $baseurl;?>/events/hids/sha1/download/tag1</pre>
<h3>STIX export</h3>
<p>You can export MISP events in Mitre's STIX format (to read more about STIX, click <a href="https://stix.mitre.org/">here</a>). The STIX XML export is currently very slow and can lead to timeouts with larger events or collections of events. The JSON return format does not suffer from this issue. Usage:</p>
<pre><?php echo h($baseurl);?>/events/stix/download</pre>
<pre><?php echo $baseurl;?>/events/stix/download</pre>
<p>Search parameters can be passed to the function via url parameters or by POSTing an xml or json object (depending on the return type). The following parameters can be passed to the STIX export tool: <code>id</code>, <code>withAttachments</code>, <code>tags</code>. Both <code>id</code> and <code>tags</code> can use the <code>&amp;&amp;</code> (and) and <code>!</code> (not) operators to build queries. Using the url parameters, the syntax is as follows:</p>
<pre><?php echo h($baseurl);?>/events/stix/download/[id]/[withAttachments]/[tags]/[from]/[to]/[last]</pre>
<pre><?php echo $baseurl;?>/events/stix/download/[id]/[withAttachments]/[tags]/[from]/[to]/[last]</pre>
<p>
<b>id</b>: The event's ID<br />
<b>withAttachments</b>: Encode attachments where applicable<br />
@ -126,7 +126,7 @@ Use semicolons instead (the search will automatically search for colons instead)
You can also chain several tag commands together with the '&amp;&amp;' operator. Please be aware the colons (:) cannot be used in the tag search.
Use semicolons instead (the search will automatically search for colons instead). For example, to include tag1 and tag2 but exclude tag3 you would use:<br />
</p>
<pre><?php echo h($baseurl);?>/events/stix/download/false/true/tag1&amp;&amp;tag2&amp;&amp;!tag3</pre>
<pre><?php echo $baseurl;?>/events/stix/download/false/true/tag1&amp;&amp;tag2&amp;&amp;!tag3</pre>
<p>
<b>from</b>: Events with the date set to a date after the one specified in the from field (format: 2015-02-15)<br />
<b>to</b>: Events with the date set to a date before the one specified in the to field (format: 2015-02-15)<br />
@ -134,10 +134,10 @@ Use semicolons instead (the search will automatically search for colons instead)
</p>
<p>You can post an XML or JSON object containing additional parameters in the following formats:</p>
<p>JSON:</p>
<pre><?php echo h($baseurl);?>/events/stix/download.json</pre>
<pre><?php echo $baseurl;?>/events/stix/download.json</pre>
<code>{"request": {"id":["!51","!62"],"withAttachment":false,"tags":["APT1","!OSINT"],"from":false,"to":"2015-02-15"}}</code><br /><br />
<p>XML:</p>
<pre><?php echo h($baseurl);?>/events/stix/download</pre>
<pre><?php echo $baseurl;?>/events/stix/download</pre>
<code>&lt;request&gt;&lt;id&gt;!51&lt;/id&gt;&lt;id&gt;!62&lt;/id&gt;&lt;withAttachment&gt;false&lt;/withAttachment&gt;&lt;tags&gt;APT1&lt;/tags&gt;&lt;tags&gt;!OSINT&lt;/tags&gt;&lt;from&gt;false&lt;/from&gt;&lt;to&gt;2015-02-15&lt;/to&gt;&lt;/request&gt;</code><br /><br />
<h3>RPZ export</h3>
@ -156,19 +156,19 @@ Use semicolons instead (the search will automatically search for colons instead)
<b><?php echo h($k);?></b>: <?php echo h($v);?><br />
<?php endforeach; ?>
<p>To override the above values, either use the url parameters as described below:</p>
<pre><?php echo h($baseurl);?>/attributes/rpz/download/[tags]/[eventId]/[from]/[to]/[policy]/[walled_garden]/[ns]/[email]/[serial]/[refresh]/[retry]/[expiry]/[minimum_ttl]/[ttl]</pre>
<pre><?php echo $baseurl;?>/attributes/rpz/download/[tags]/[eventId]/[from]/[to]/[policy]/[walled_garden]/[ns]/[email]/[serial]/[refresh]/[retry]/[expiry]/[minimum_ttl]/[ttl]</pre>
<p>or POST an XML or JSON object with the above listed options: </p>
<code><?php echo h('<request><tags>OSINT&&!OUTDATED</tags><policy>walled-garden</policy><walled_garden>teamliquid.net</walled_garden><refresh>5h</refresh></request>');?></code><br /><br />
<code>{"request": {"tags": ["OSINT", "!OUTDATED"], "policy": "walled-garden", "walled_garden": "teamliquid.net", "refresh": "5h"}</code>
<h4>Various ways to narrow down the search results of the STIX export</h4>
<p>For example, to retrieve all events tagged "APT1" but excluding events tagged "OSINT" and excluding events #51 and #62 without any attachments:
<pre><?php echo h($baseurl);?>/events/stix/download/!51&amp;&amp;!62/false/APT1&amp;&amp;!OSINT/2015-02-15</pre>
<pre><?php echo $baseurl;?>/events/stix/download/!51&amp;&amp;!62/false/APT1&amp;&amp;!OSINT/2015-02-15</pre>
<p>To export the same events using a POST request use:</p>
<pre><?php echo h($baseurl);?>/events/stix/download.json</pre>
<pre><?php echo $baseurl;?>/events/stix/download.json</pre>
<p>Together with this JSON object in the POST message:</p>
<code>{"request": {"id":["!51","!62"],"tags":["APT1","!OSINT"],"from":"2015-02-15"}}</code><br /><br />
<p>XML is automatically assumed when using the stix export:</p>
<pre><?php echo h($baseurl);?>/events/stix/download</pre>
<pre><?php echo $baseurl;?>/events/stix/download</pre>
<p>The same search could be accomplished using the following POSTed XML object (note that ampersands need to be escaped, or alternatively separate id and tag elements can be used): </p>
<code>&lt;request&gt;&lt;id&gt;!51&lt;/id&gt;&lt;id&gt;!62&lt;/id&gt;&lt;tags&gt;APT1&lt;/tags&gt;&lt;tags&gt;!OSINT&lt;/tags&gt;&lt;from&gt;2015-02-15&lt;/from&gt;&lt;/request&gt;</code>
<h3>Text export</h3>
@ -177,21 +177,21 @@ Use semicolons instead (the search will automatically search for colons instead)
<pre>
<?php
foreach ($sigTypes as $sigType) {
echo h($baseurl).'/attributes/text/download/'.$sigType . "\n";
echo $baseurl.'/attributes/text/download/'.$sigType . "\n";
}
?>
</pre>
<p>To restrict the results by tags, use the usual syntax. Please be aware the colons (:) cannot be used in the tag search. Use semicolons instead (the search will automatically search for colons instead). To get ip-src values from events tagged tag1 but not tag2 use:</p>
<pre>
<?php
echo h($baseurl).'/attributes/text/download/ip-src/tag1&&!tag2';
echo $baseurl.'/attributes/text/download/ip-src/tag1&&!tag2';
?>
</pre>
<p>As of version 2.3.38, it is possible to restrict the text exports on two additional flags. The first allows the user to restrict based on event ID, whilst the second is a boolean switch allowing non IDS flagged attributes to be exported. Additionally, choosing "all" in the type field will return all eligible attributes. </p>
<pre>
<?php
echo h($baseurl).'/attributes/text/download/[type]/[tags]/[event_id]/[allowNonIDS]/[from]/[to]/[last]';
echo $baseurl.'/attributes/text/download/[type]/[tags]/[event_id]/[allowNonIDS]/[from]/[to]/[last]';
?>
</pre>
<b>type</b>: The attribute type, any valid MISP attribute type is accepted.<br />
@ -200,7 +200,7 @@ You can also chain several tag commands together with the '&amp;&amp;' operator.
Use semicolons instead (the search will automatically search for colons instead). For example, to include tag1 and tag2 but exclude tag3 you would use:<br />
<pre>
<?php
echo h($baseurl).'/attributes/text/download/all/tag1&amp;&amp;tag2&amp;&amp;!tag3';
echo $baseurl.'/attributes/text/download/all/tag1&amp;&amp;tag2&amp;&amp;!tag3';
?>
</pre>
<p>
@ -214,7 +214,7 @@ Use semicolons instead (the search will automatically search for colons instead)
<p>For example, to retrieve all attributes for event #5, including non IDS marked attributes too, use the following line:</p>
<pre>
<?php
echo h($baseurl).'/attributes/text/download/all/null/5/true';
echo $baseurl.'/attributes/text/download/all/null/5/true';
?>
</pre>
@ -223,7 +223,7 @@ Use semicolons instead (the search will automatically search for colons instead)
<p>To return an event with all of its attributes, relations, shadowAttributes, use the following syntax:</p>
<pre>
<?php
echo h($baseurl).'/events/restSearch/download/[value]/[type]/[category]/[org]/[tag]/[quickfilter]/[from]/[to]/[last]';
echo $baseurl.'/events/restSearch/download/[value]/[type]/[category]/[org]/[tag]/[quickfilter]/[from]/[to]/[last]';
?>
</pre>
<b>value</b>: Search for the given value in the attributes' value field.<br />
@ -235,7 +235,7 @@ You can also chain several tag commands together with the '&amp;&amp;' operator.
Use semicolons instead (the search will automatically search for colons instead). For example, to include tag1 and tag2 but exclude tag3 you would use:<br />
<pre>
<?php
echo h($baseurl).'/events/restSearch/download/null/null/null/null/tag1&amp;&amp;tag2&amp;&amp;!tag3';
echo $baseurl.'/events/restSearch/download/null/null/null/null/tag1&amp;&amp;tag2&amp;&amp;!tag3';
?>
</pre>
<b>quickfilter</b>: Enabling this (by passing "1" as the argument) will make the search ignore all of the other arguments, except for the auth key and value. MISP will return an xml / json (depending on the header sent) of all events that have a sub-string match on value in the event info, event orgc, or any of the attribute value1 / value2 fields, or in the attribute comment. <br />
@ -248,7 +248,7 @@ Use semicolons instead (the search will automatically search for colons instead)
<p>POST to:</p>
<pre>
<?php
echo h($baseurl).'/events/restSearch/download';
echo $baseurl.'/events/restSearch/download';
?>
</pre>
<p>POST message payload (XML):</p>
@ -270,27 +270,27 @@ Use semicolons instead (the search will automatically search for colons instead)
<p>The keywords false or null should be used for optional empty parameters in the URL.</p>
<pre>
<?php
echo h($baseurl).'/attributes/restSearch/download/[value]/[type]/[category]/[org]/[tag]/[from]/[to]/[last]/[eventid]';
echo $baseurl.'/attributes/restSearch/download/[value]/[type]/[category]/[org]/[tag]/[from]/[to]/[last]/[eventid]';
?>
</pre>
<p>value, type, category and org are optional. It is possible to search for several terms in each category by joining them with the '&amp;&amp;' operator. It is also possible to negate a term with the '!' operator. Please be aware the colons (:) cannot be used in the tag search. Use semicolons instead (the search will automatically search for colons instead).
For example, in order to search for all attributes created by your organisation that contain 192.168 or 127.0 but not 0.1 and are of the type ip-src, excluding the events that were tagged tag1 use the following syntax:</p>
<pre>
<?php
echo h($baseurl).'/attributes/restSearch/download/192.168&&127.0&&!0.1/ip-src/false/' . $me['org'] . '/!tag1';
echo $baseurl.'/attributes/restSearch/download/192.168&&127.0&&!0.1/ip-src/false/' . $me['org'] . '/!tag1';
?>
</pre>
<p>You can also use search for IP addresses using CIDR. Make sure that you use '|' (pipe) instead of '/' (slashes). Please be aware the colons (:) cannot be used in the tag search. Use semicolons instead (the search will automatically search for colons instead). See below for an example: </p>
<pre>
<?php
echo h($baseurl).'/attributes/restSearch/download/192.168.1.1|16/ip-src/null/' . $me['org'];
echo $baseurl.'/attributes/restSearch/download/192.168.1.1|16/ip-src/null/' . $me['org'];
?>
</pre>
<h3>Export attributes of event with specified type as XML</h3>
<p>If you want to export all attributes of a pre-defined type that belong to an event, use the following syntax:</p>
<pre>
<?php
echo h($baseurl).'/attributes/returnAttributes/download/[id]/[type]/[sigOnly]';
echo $baseurl.'/attributes/returnAttributes/download/[id]/[type]/[sigOnly]';
?>
</pre>
<p>sigOnly is an optional flag that will block all attributes from being exported that don't have the IDS flag turned on.
@ -298,7 +298,7 @@ It is possible to search for several types with the '&amp;&amp;' operator and to
For example, to get all IDS signature attributes of type md5 and sha256, but not filename|md5 and filename|sha256 from event 25, use the following: </p>
<pre>
<?php
echo h($baseurl).'/attributes/returnAttributes/download/25/md5&&sha256&&!filename/true';
echo $baseurl.'/attributes/returnAttributes/download/25/md5&&sha256&&!filename/true';
?>
</pre>
@ -306,7 +306,7 @@ For example, to get all IDS signature attributes of type md5 and sha256, but not
<p>If you know the attribute ID of a malware-sample or an attachment, you can download it with the following syntax:</p>
<pre>
<?php
echo h($baseurl).'/attributes/downloadAttachment/download/[Attribute_id]';
echo $baseurl.'/attributes/downloadAttachment/download/[Attribute_id]';
?>
</pre>
<h3>Download malware sample by hash</h3>
@ -315,7 +315,7 @@ For example, to get all IDS signature attributes of type md5 and sha256, but not
<p>You can also get all the samples from an event with a given event ID, by passing along the eventID parameter. Make sure that either an event ID or a hash is passed along, otherwise an error message will be returned. Also, if no hash is set, the allSamples flag will get set automatically.</p>
<pre>
<?php
echo h($baseurl).'/attributes/downloadSample/[hash]/[allSamples]/[eventID]';
echo $baseurl.'/attributes/downloadSample/[hash]/[allSamples]/[eventID]';
?>
</pre>
<p>POST message payload (XML):</p>
@ -333,7 +333,7 @@ For example, to get all IDS signature attributes of type md5 and sha256, but not
<h3>Upload malware samples using the "Upload Sample" API</h3>
<pre>
<?php
echo h($baseurl).'/events/upload_sample/[Event_id]';
echo $baseurl.'/events/upload_sample/[Event_id]';
?>
</pre>
<p>This API will allow you to populate an event that you have modify rights to with malware samples (and all related hashes). Alternatively, if you do not supply an event ID, it will create a new event for you. <br />
@ -359,10 +359,10 @@ The event ID is optional. MISP will accept either a JSON or an XML object posted
<h3>Add or remove tags from events</h3>
<p>You can add or remove an existing tag from an event in the following way:</p>
<pre>
<?php echo h($baseurl).'/events/addTag'; ?>
<?php echo $baseurl.'/events/addTag'; ?>
</pre>
<pre>
<?php echo h($baseurl).'/events/removeTag'; ?>
<?php echo $baseurl.'/events/removeTag'; ?>
</pre>
<p>Just POST a json object in the following format (to the appropriate API depending on whether you want to add or delete a tag from an event):</p>
<code>{"request": {"Event": {"id": "228", "tag": "8"}}}</code><br /><br />

12
app/View/Events/export_alternate.ctp
View File

@ -73,17 +73,17 @@
</div>
<div class="actions <?php echo $debugMode;?>">
<ul class="nav nav-list">
<li><a href="<?php echo h($baseurl);?>/events/index">List Events</a></li>
<li><a href="<?php echo $baseurl;?>/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li><a href="<?php echo h($baseurl);?>/events/add">Add Event</a></li>
<li><a href="<?php echo $baseurl;?>/events/add">Add Event</a></li>
<?php endif; ?>
<li class="divider"></li>
<li><a href="<?php echo h($baseurl);?>/attributes/index">List Attributes</a></li>
<li><a href="<?php echo h($baseurl);?>/attributes/search">Search Attributes</a></li>
<li><a href="<?php echo $baseurl;?>/attributes/index">List Attributes</a></li>
<li><a href="<?php echo $baseurl;?>/attributes/search">Search Attributes</a></li>
<li class="divider"></li>
<li class="active"><a href="<?php echo h($baseurl);?>/events/export">Export</a></li>
<li class="active"><a href="<?php echo $baseurl;?>/events/export">Export</a></li>
<?php if ($isAclAuth): ?>
<li><a href="<?php echo h($baseurl);?>/events/automation">Automation</a></li>
<li><a href="<?php echo $baseurl;?>/events/automation">Automation</a></li>
<?php endif;?>
</ul>
</div>

4
app/View/Events/filter_event_index.ctp
View File

@ -131,7 +131,7 @@
</tr>
</table>
</div>
<?php echo $this->Form->create('Event', array('id' => 'test', 'url' => h($baseurl) . '/events/index'));?>
<?php echo $this->Form->create('Event', array('id' => 'test', 'url' => $baseurl . '/events/index'));?>
<fieldset>
<?php
echo $this->Form->input('generatedURL', array(
@ -196,7 +196,7 @@ if (showorg == 1) {
simpleFilters.push("org");
}
var baseurl = "<?php echo h($baseurl); ?>";
var baseurl = "<?php echo $baseurl; ?>";
$(document).ready(function() {
$('.datepicker').datepicker().on('changeDate', function(ev) {

30
app/View/Events/index.ctp
View File

@ -86,20 +86,20 @@
</tr>
<?php foreach ($events as $event): ?>
<tr <?php if($event['Event']['distribution'] == 0) echo 'class = "privateRed"'?>>
<td class="short" ondblclick="document.location.href ='<?php echo h($baseurl)."/events/view/".$event['Event']['id'];?>'">
<td class="short" ondblclick="document.location.href ='<?php echo $baseurl."/events/view/".$event['Event']['id'];?>'">
<?php
if ($event['Event']['published'] == 1) {
?>
<a href="<?php echo h($baseurl)."/events/view/".$event['Event']['id'] ?>" class = "icon-ok" title = "View"></a>
<a href="<?php echo $baseurl."/events/view/".$event['Event']['id'] ?>" class = "icon-ok" title = "View"></a>
<?php
} else {
?>
<a href="<?php echo h($baseurl)."/events/view/".$event['Event']['id'] ?>" class = "icon-remove" title = "View"></a>
<a href="<?php echo $baseurl."/events/view/".$event['Event']['id'] ?>" class = "icon-remove" title = "View"></a>
<?php
}?>&nbsp;
</td>
<?php if (Configure::read('MISP.showorg') || $isAdmin): ?>
<td class="short" ondblclick="document.location.href ='<?php echo h($baseurl)."/events/view/".$event['Event']['id'];?>'">
<td class="short" ondblclick="document.location.href ='<?php echo $baseurl."/events/view/".$event['Event']['id'];?>'">
<?php
$imgRelativePath = 'orgs' . DS . h($event['Event']['orgc']) . '.png';
$imgAbsolutePath = APP . WEBROOT_DIR . DS . 'img' . DS . $imgRelativePath;
@ -110,7 +110,7 @@
</td>
<?php endif;?>
<?php if ($isSiteAdmin || (Configure::read('MISP.showorgalternate') && Configure::read('MISP.showorg'))): ?>
<td class="short" ondblclick="document.location.href ='<?php echo h($baseurl)."/events/view/".$event['Event']['id'];?>'">
<td class="short" ondblclick="document.location.href ='<?php echo $baseurl."/events/view/".$event['Event']['id'];?>'">
<?php
$imgRelativePath = 'orgs' . DS . h($event['Event']['org']) . '.png';
$imgAbsolutePath = APP . WEBROOT_DIR . DS . 'img' . DS . $imgRelativePath;
@ -121,7 +121,7 @@
</td>
<?php endif; ?>
<td style="width:30px;">
<a href="<?php echo h($baseurl)."/events/view/".$event['Event']['id'] ?>"><?php echo $event['Event']['id'];?></a>
<a href="<?php echo $baseurl."/events/view/".$event['Event']['id'] ?>"><?php echo $event['Event']['id'];?></a>
</td>
<?php if (Configure::read('MISP.tagging')): ?>
<td style = "max-width: 200px;width:10px;">
@ -133,30 +133,30 @@
<?php endforeach; ?>
</td>
<?php endif; ?>
<td style="width:30px;" ondblclick="location.href ='<?php echo h($baseurl)."/events/view/".$event['Event']['id'];?>'">
<td style="width:30px;" ondblclick="location.href ='<?php echo $baseurl."/events/view/".$event['Event']['id'];?>'">
<?php echo $event['Event']['attribute_count']; ?>&nbsp;
</td>
<?php if ('true' == $isSiteAdmin): ?>
<td class="short" ondblclick="location.href ='<?php echo h($baseurl)."/events/view/".$event['Event']['id'];?>'">
<td class="short" ondblclick="location.href ='<?php echo $baseurl."/events/view/".$event['Event']['id'];?>'">
<?php echo h($event['User']['email']); ?>&nbsp;
</td>
<?php endif; ?>
<td class="short" ondblclick="location.href ='<?php echo h($baseurl)."/events/view/".$event['Event']['id'];?>'">
<td class="short" ondblclick="location.href ='<?php echo $baseurl."/events/view/".$event['Event']['id'];?>'">
<?php echo $event['Event']['date']; ?>&nbsp;
</td>
<td class="short" ondblclick="location.href ='<?php echo h($baseurl)."/events/view/".$event['Event']['id'];?>'">
<td class="short" ondblclick="location.href ='<?php echo $baseurl."/events/view/".$event['Event']['id'];?>'">
<?php
if ($event['ThreatLevel']['name']) echo h($event['ThreatLevel']['name']);
else echo h($event['Event']['threat_level_id']);
?>&nbsp;
</td>
<td class="short" ondblclick="location.href ='<?php echo h($baseurl)."/events/view/".$event['Event']['id'];?>'">
<td class="short" ondblclick="location.href ='<?php echo $baseurl."/events/view/".$event['Event']['id'];?>'">
<?php echo $analysisLevels[$event['Event']['analysis']]; ?>&nbsp;
</td>
<td ondblclick="location.href ='<?php echo h($baseurl)."/events/view/".$event['Event']['id'];?>'">
<td ondblclick="location.href ='<?php echo $baseurl."/events/view/".$event['Event']['id'];?>'">
<?php echo nl2br(h($event['Event']['info'])); ?>&nbsp;
</td>
<td class="short <?php if ($event['Event']['distribution'] == 0) echo 'privateRedText';?>" ondblclick="location.href ='<?php echo h($baseurl)."/events/view/".$event['Event']['id'];?>'" title = "<?php echo $event['Event']['distribution'] != 3 ? $distributionLevels[$event['Event']['distribution']] : 'All';?>">
<td class="short <?php if ($event['Event']['distribution'] == 0) echo 'privateRedText';?>" ondblclick="location.href ='<?php echo $baseurl."/events/view/".$event['Event']['id'];?>'" title = "<?php echo $event['Event']['distribution'] != 3 ? $distributionLevels[$event['Event']['distribution']] : 'All';?>">
<?php echo $shortDist[$event['Event']['distribution']]; ?>
</td>
<td class="short action-links">
@ -167,12 +167,12 @@
if ($isSiteAdmin || ($isAclModify && $event['Event']['user_id'] == $me['id']) || ($isAclModifyOrg && $event['Event']['org'] == $me['org'])) {
?>
<a href='<?php echo h($baseurl)."/events/edit/".$event['Event']['id'];?>' class = "icon-edit" title = "Edit"></a>
<a href='<?php echo $baseurl."/events/edit/".$event['Event']['id'];?>' class = "icon-edit" title = "Edit"></a>
<?php
echo $this->Form->postLink('', array('action' => 'delete', $event['Event']['id']), array('class' => 'icon-trash', 'title' => 'Delete'), __('Are you sure you want to delete # %s?', $event['Event']['id']));
}
?>
<a href='<?php echo h($baseurl)."/events/view/".$event['Event']['id'];?>' class = "icon-list-alt" title = "View"></a>
<a href='<?php echo $baseurl."/events/view/".$event['Event']['id'];?>' class = "icon-list-alt" title = "View"></a>
</td>
</tr>
<?php endforeach; ?>

18
app/View/Events/proposal_event_index.ctp
View File

@ -38,22 +38,22 @@
</tr>
<?php foreach ($events as $event):?>
<tr <?php if($event['Event']['distribution'] == 0) echo 'class = "privateRed"'?>>
<td class="short" onclick="document.location.href ='<?php echo h($baseurl)."/events/view/".$event['Event']['id'];?>'">
<td class="short" onclick="document.location.href ='<?php echo $baseurl."/events/view/".$event['Event']['id'];?>'">
<?php
if ($event['Event']['published'] == 1) {
?>
<a href="<?php echo h($baseurl)."/events/view/".$event['Event']['id'] ?>" class = "icon-ok" title = "View"></a>
<a href="<?php echo $baseurl."/events/view/".$event['Event']['id'] ?>" class = "icon-ok" title = "View"></a>
<?php
} else {
?>
<a href="<?php echo h($baseurl)."/events/view/".$event['Event']['id'] ?>" class = "icon-remove" title = "View"></a>
<a href="<?php echo $baseurl."/events/view/".$event['Event']['id'] ?>" class = "icon-remove" title = "View"></a>
<?php
}?>&nbsp;
</td>
<td class="short">
<a href="<?php echo h($baseurl)."/events/view/".$event['Event']['id'] ?>"><?php echo $event['Event']['id'];?></a>
<a href="<?php echo $baseurl."/events/view/".$event['Event']['id'] ?>"><?php echo $event['Event']['id'];?></a>
</td>
<td class="short" onclick="location.href ='<?php echo h($baseurl)."/events/view/".$event['Event']['id'];?>'" style="color:red;font-weight:bold;">
<td class="short" onclick="location.href ='<?php echo $baseurl."/events/view/".$event['Event']['id'];?>'" style="color:red;font-weight:bold;">
<?php echo count($event['ShadowAttribute']); ?>&nbsp;
</td>
<td class="short">
@ -68,17 +68,17 @@
&nbsp;
</td>
<?php if ('true' == $isSiteAdmin): ?>
<td class="short" onclick="location.href ='<?php echo h($baseurl)."/events/view/".$event['Event']['id'];?>'">
<td class="short" onclick="location.href ='<?php echo $baseurl."/events/view/".$event['Event']['id'];?>'">
<?php echo h($event['User']['email']); ?>&nbsp;
</td>
<?php endif; ?>
<td class="short" onclick="location.href ='<?php echo h($baseurl)."/events/view/".$event['Event']['id'];?>'">
<td class="short" onclick="location.href ='<?php echo $baseurl."/events/view/".$event['Event']['id'];?>'">
<?php echo $event['Event']['date']; ?>&nbsp;
</td>
<td onclick="location.href ='<?php echo h($baseurl)."/events/view/".$event['Event']['id'];?>'">
<td onclick="location.href ='<?php echo $baseurl."/events/view/".$event['Event']['id'];?>'">
<?php echo nl2br(h($event['Event']['info'])); ?>&nbsp;
</td>
<td class="short <?php if ($event['Event']['distribution'] == 0) echo 'privateRedText';?>" onclick="location.href ='<?php echo h($baseurl)."/events/view/".$event['Event']['id'];?>'">
<td class="short <?php if ($event['Event']['distribution'] == 0) echo 'privateRedText';?>" onclick="location.href ='<?php echo $baseurl."/events/view/".$event['Event']['id'];?>'">
<?php echo $event['Event']['distribution'] != 3 ? $distributionLevels[$event['Event']['distribution']] : 'All';?>
</td>
</tr>

2
app/View/Events/view.ctp
View File

@ -66,7 +66,7 @@ $mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
foreach($logEntries as $k => $entry) {
if (Configure::read('MISP.showorg') || $isAdmin) {
?>
<a href="<?php echo h($baseurl)."/logs/event_index/".$event['Event']['id'].'/'.h($entry['Log']['org']);?>" style="margin-right:2px;text-decoration: none;">
<a href="<?php echo $baseurl."/logs/event_index/".$event['Event']['id'].'/'.h($entry['Log']['org']);?>" style="margin-right:2px;text-decoration: none;">
<?php
echo $this->element('img', array('id' => $entry['Log']['org'], 'imgSize' => 24, 'imgStyle' => true));
?>

22
app/View/Pages/administration.ctp
View File

@ -9,17 +9,17 @@ if (!$isSiteAdmin) exit();
<div class="index">
<h2>Administrative actions</h2>
<ul>
<li><a href="<?php echo h($baseurl);?>/events/reportValidationIssuesEvents">reportValidationIssuesEvents</a></li>
<li><a href="<?php echo h($baseurl);?>/attributes/reportValidationIssuesAttributes">reportValidationIssuesAttributes</a></li>
<li><?php echo $this->Form->postLink('generateCount', h($baseurl) . '/events/generateCount');?> (Events need to have no validation issues)</li>
<li><?php echo $this->Form->postLink('generateCorrelation', h($baseurl) . '/attributes/generateCorrelation');?></li>
<li><a href="<?php echo h($baseurl);?>/users/verifyGPG">Verify GPG keys</a> (Check whether every user's GPG key is usable)</li>
<li><?php echo $this->Form->postLink('Extend Organization length', h($baseurl) . '/servers/updateDatabase/extendServerOrganizationLength');?> (Hotfix 2.3.57: Increase the max length of the organization field when adding a new server connection.)</li>
<li><?php echo $this->Form->postLink('Convert log fields to text', h($baseurl) . '/servers/updateDatabase/convertLogFieldsToText');?> (Hotfix 2.3.78: Some of the log fields that were varchar(255) ended up truncating the data. This function will change them to "text")</li>
<li><?php echo $this->Form->postLink('Fix duplicate UUIDs', h($baseurl) . '/servers/pruneDuplicateUUIDs');?> (Hotfix 2.3.107: it was previously possible to get duplicate attribute UUIDs in the database, this script will remove all duplicates and ensure that duplicates will not be entered into the database in the future.)</li>
<li><?php echo $this->Form->postLink('Remove dupicate events (with the same UUID)', h($baseurl) . '/servers/removeDuplicateEvents');?> (Hotfix 2.3.115: In some rare situations it could occur that a duplicate of an event was created on an instance, with the exact same uuid. This action will remove any such duplicates and make sure that this cannot happen again.)</li>
<li><?php echo $this->Form->postLink('Prune orphaned attributes', h($baseurl) . '/attributes/pruneOrphanedAttributes');?> (In some rare occasions it can happen that you end up with some attributes in your database that do not belong to an event - for example during a race condition between an event insert and a delete. This tool will collect and delete any such orphaned attributes. If you ever run into an issue where you cannot add an attribute with a specific valid value, this is probably the reason.)</li>
<li><?php echo $this->Form->postLink('Clean regex table of potentially malicious entries', h($baseurl) . '/regexp/cleanRegexModifiers');?> (Hotfix 2.3.160: Prior to this version it was possible for a user/admin with Regex permission to create a malicious regular expression that could be used to execute arbitrary code. Since this version it is no longer possible to input such expressions, but already existing malicious entries still have to be cleaned using this tool.)</li>
<li><a href="<?php echo $baseurl;?>/events/reportValidationIssuesEvents">reportValidationIssuesEvents</a></li>
<li><a href="<?php echo $baseurl;?>/attributes/reportValidationIssuesAttributes">reportValidationIssuesAttributes</a></li>
<li><?php echo $this->Form->postLink('generateCount', $baseurl . '/events/generateCount');?> (Events need to have no validation issues)</li>
<li><?php echo $this->Form->postLink('generateCorrelation', $baseurl . '/attributes/generateCorrelation');?></li>
<li><a href="<?php echo $baseurl;?>/users/verifyGPG">Verify GPG keys</a> (Check whether every user's GPG key is usable)</li>
<li><?php echo $this->Form->postLink('Extend Organization length', $baseurl . '/servers/updateDatabase/extendServerOrganizationLength');?> (Hotfix 2.3.57: Increase the max length of the organization field when adding a new server connection.)</li>
<li><?php echo $this->Form->postLink('Convert log fields to text', $baseurl . '/servers/updateDatabase/convertLogFieldsToText');?> (Hotfix 2.3.78: Some of the log fields that were varchar(255) ended up truncating the data. This function will change them to "text")</li>
<li><?php echo $this->Form->postLink('Fix duplicate UUIDs', $baseurl . '/servers/pruneDuplicateUUIDs');?> (Hotfix 2.3.107: it was previously possible to get duplicate attribute UUIDs in the database, this script will remove all duplicates and ensure that duplicates will not be entered into the database in the future.)</li>
<li><?php echo $this->Form->postLink('Remove dupicate events (with the same UUID)', $baseurl . '/servers/removeDuplicateEvents');?> (Hotfix 2.3.115: In some rare situations it could occur that a duplicate of an event was created on an instance, with the exact same uuid. This action will remove any such duplicates and make sure that this cannot happen again.)</li>
<li><?php echo $this->Form->postLink('Prune orphaned attributes', $baseurl . '/attributes/pruneOrphanedAttributes');?> (In some rare occasions it can happen that you end up with some attributes in your database that do not belong to an event - for example during a race condition between an event insert and a delete. This tool will collect and delete any such orphaned attributes. If you ever run into an issue where you cannot add an attribute with a specific valid value, this is probably the reason.)</li>
<li><?php echo $this->Form->postLink('Clean regex table of potentially malicious entries', $baseurl . '/regexp/cleanRegexModifiers');?> (Hotfix 2.3.160: Prior to this version it was possible for a user/admin with Regex permission to create a malicious regular expression that could be used to execute arbitrary code. Since this version it is no longer possible to input such expressions, but already existing malicious entries still have to be cleaned using this tool.)</li>
</ul>
</div>
<?php

26
app/View/Pages/doc/administration.ctp
View File

@ -26,7 +26,7 @@
<div class="index">
<h2><a id="diagnostics"></a>Server settings and diagnostics</h2>
<p>Since version 2.3, MISP has a settings and diagnostics tool that allows site-admins to manage and diagnose their MISP installation. You can access this by navigating to Administration - Server settings
<p><img src="<?php echo h($baseurl);?>/img/doc/settings_1.png" alt = "" title = "Server settings overview with all of the tabs explained."/></p><br />
<p><img src="<?php echo $baseurl;?>/img/doc/settings_1.png" alt = "" title = "Server settings overview with all of the tabs explained."/></p><br />
<p>The settings and diagnostics tool is split up into several aspects, all accessible via the tabs ontop of the tool. For any unset or incorrectly set setting, or failed diagnostic a number next to the tab name will indicate the number and severity of the issues. If the number is written with a red font, it means that the issue is critical. First, let's look at the various tabs:</p>
<ul>
<li><b>Overview</b>: General overview of the current state of your MISP installation</li>
@ -39,7 +39,7 @@
<li><b>Workers</b>: Shows the background workers (if enabled) and shows a warning if they are not running. Admins can also restart the workers here.</li>
<li><b>Download report</b>: Download a report in JSON format, compiled of all of the settings visible in the tool.</li>
</ul>
<p><img src="<?php echo h($baseurl);?>/img/doc/settings_2.png" alt = "" title = "The settings tabs explained."/></p><br />
<p><img src="<?php echo $baseurl;?>/img/doc/settings_2.png" alt = "" title = "The settings tabs explained."/></p><br />
<p>Each of the setting pages is a table with each row representing a setting. Coloured rows indicate that the setting is incorrect / not set and the colour determines the severity (red = critical, yellow = recommended, green = optional). The columns are as follows:
<ul>
<li><b>Priority</b>: The severity of the setting.</li>
@ -48,7 +48,7 @@
<li><b>Description</b>: A description of what the setting does.</li>
<li><b>Error Message</b>: If the setting is incorrect / not set, then this field will let the user know what is wrong.</li>
</ul>
<p><img src="<?php echo h($baseurl);?>/img/doc/settings_3.png" alt = "" title = "The workers tab."/></p><br />
<p><img src="<?php echo $baseurl;?>/img/doc/settings_3.png" alt = "" title = "The workers tab."/></p><br />
<p>The workers tab shows a list of the workers that MISP can use. You can restart the workers using the restart all workers, If the button doesn't work, make sure that the workers were started using the apache user. This can however only be done using the command line, refer to the INSTALL.txt documentation on how to let the workers automatically start on each boot.</p>
<ul>
<li><b>Worker Type</b>: The worker type is determined by the queue it monitors. MISP currently has 4 queues (cache, default, email and a special _schdlr_ queue).</li>
@ -68,7 +68,7 @@
The second use is blocking, if a regular expression is entered with a blank replacement, any event info or attribute value containing the expression will not be added. Please make sure the entered regexp expression follows the preg_replace pattern rules as described <a href="http://php.net/manual/en/function.preg-replace.php">here</a>.<br />
<h3>Adding and modifying entries</h3>
Administrators can add, edit or delete regular expression rules, which are made up of a regex pattern that the system searches for and a replacement for the detected pattern.<br />
<p><img src="<?php echo h($baseurl);?>/img/doc/regexp.png" alt = "" title = "Add, edit or remove Regexp entries that will affect all newly created attributes here."/></p><br />
<p><img src="<?php echo $baseurl;?>/img/doc/regexp.png" alt = "" title = "Add, edit or remove Regexp entries that will affect all newly created attributes here."/></p><br />
<hr />
<h2><a id="whitelist"></a>Managing the Signature whitelist</h2>
The signature whitelist view, accessible through the administration menu on the left, allows administrators to create and maintain a list of addresses that are whitelisted from ever being added to the NIDS signatures. Addresses listed here will be commented out when exporting the NIDS list.<br />
@ -76,13 +76,13 @@
While in the whitelist view, click on New Whitelist on the left to bring up the add whitelist view to add a new address. <br />
<h3>Managing the list:</h3>
When viewing the list of whitelisted addresses, the following pieces of information are shown: The ID of the whitelist entry (assigned automatically when a new address is added), the address itself that is being whitelisted and a set of controls allowing you to delete the entry or edit the address.<br />
<img src="<?php echo h($baseurl);?>/img/doc/whitelist.png" alt = "Whitelist" title = "You can edit or delete currently white-listed addresses using the action buttons on this list."/><br />
<img src="<?php echo $baseurl;?>/img/doc/whitelist.png" alt = "Whitelist" title = "You can edit or delete currently white-listed addresses using the action buttons on this list."/><br />
<hr />
<h2><a id="user"></a>Managing the users:</h2>
As an admin, you can set up new accounts for users, edit the profiles of users, delete them, or just have a look at all the viewers' profiles. Organisation admins are restricted to executing the same actions on their organisation's users only.<br />
<h3>Adding a new user:</h3>
To add a new user, click on the New User button in the administration menu to the left and fill out the following fields in the view that is loaded:<br />
<img src="<?php echo h($baseurl);?>/img/doc/add_user.png" alt = "Add user" title = "Fill this form out to add a new user. Keep in mind that the drop-down menu titled Role controls the privileges the user will have."/>
<img src="<?php echo $baseurl;?>/img/doc/add_user.png" alt = "Add user" title = "Fill this form out to add a new user. Keep in mind that the drop-down menu titled Role controls the privileges the user will have."/>
<ul>
<li><b>Email:</b> The user's e-mail address, this will be used as his/her login name and as an address to send all the automatic e-mails and e-mails sent by contacting the user as the reporter of an event.<br /></li>
<li><b>Password:</b> A temporary password for the user that he/she should change after the first login. Make sure that it is at least 6 characters long, includes a digit or a special character and contains at least one upper-case and at least one lower-case character.<br /></li>
@ -97,7 +97,7 @@
</ul>
<h3>Listing all users:</h3>
To list all current users of the system, just click on List Users under the administration menu to the left. A view will be loaded with a list of all users and the following columns of information:<br />
<img src="<?php echo h($baseurl);?>/img/doc/list_users.png" alt = "List users" title = "View, Edit or Delete a user using the action buttons to the right."/><br />
<img src="<?php echo $baseurl;?>/img/doc/list_users.png" alt = "List users" title = "View, Edit or Delete a user using the action buttons to the right."/><br />
<ul>
<li><b>Id:</b> The user's automatically assigned ID number.<br /></li>
<li><b>Org:</b> The organisation that the user belongs to.<br /></li>
@ -128,7 +128,7 @@
</ul>
<h3>Contacting a user:</h3>
Site admins can use the "Contact users" feature to send all or an individual user an e-mail. Users that have a PGP key set will receive their e-mails encrypted. When clicking this button on the left, you'll be presented with a form that allows you to specify the type of the e-mail, who it should reach and what the content is using the following options:<br />
<img src="<?php echo h($baseurl);?>/img/doc/contact.png" alt = "Contact" title = "Contact your users here."/><br />
<img src="<?php echo $baseurl;?>/img/doc/contact.png" alt = "Contact" title = "Contact your users here."/><br />
<ul>
<li><b>Action:</b> This defines the type of the e-mail, which can be a custom message or a password reset. Password resets automatically include a new temporary password at the bottom of the message and will automatically change the user's password accordingly.<br /></li>
<li><b>Recipient:</b> The recipient toggle lets you contact all your users, a single user (which creates a second drop-down list with all the e-mail addresses of the users) and potential future users (which opens up a text field for the e-mail address and a text area field for a PGP public key).<br /></li>
@ -157,7 +157,7 @@
When creating a new role, you will have to enter a name for the role to be created and set up the permissions (as described above) using the radio toggle and the four check-boxes.<br />
<h3>Listing roles:</h3>
By clicking on the List Roles button, you can view a list of all the currently registered roles and a list of the permission flags turned on for each. In addition, you can find buttons that allow you to edit and delete the roles. Keep in mind that you will need to first remove every member from a role before you can delete it.<br />
<img src="<?php echo h($baseurl);?>/img/doc/list_groups.png" alt = "List roles" title = "You can View, Edit or Delete roles using the action buttons to the right in each row. Keep in mind that a role has to be devoid of members before it can be deleted."/><br />
<img src="<?php echo $baseurl;?>/img/doc/list_groups.png" alt = "List roles" title = "You can View, Edit or Delete roles using the action buttons to the right in each row. Keep in mind that a role has to be devoid of members before it can be deleted."/><br />
<hr />
<h2><a id="logs"></a>Using the logs of MISP</h2>
Users with audit permissions are able to browse or search the logs that MISP automatically appends each time certain actions are taken (actions that modify data or if a user logs in and out).<br />
@ -175,7 +175,7 @@
<br />
<h3>Browsing the logs:</h3>
Listing all the log entries will show the following columns generated by the users of your organisation (or all organisations in the case of site admins):<br />
<img src="<?php echo h($baseurl);?>/img/doc/list_logs.png" alt = "List logs" title = "Here you can view a list of all logged actions."/><br /><br />
<img src="<?php echo $baseurl;?>/img/doc/list_logs.png" alt = "List logs" title = "Here you can view a list of all logged actions."/><br /><br />
<ul>
<li><b>Id:</b> The automatically assigned ID number of the entry.<br /></li>
<li><b>Email:</b> The e-mail address of the user whose actions triggered the entry.<br /></li>
@ -188,7 +188,7 @@
When the entry is about the creation of a new item (such as adding a new event) then the change will look like this for example:<br />
<i>org()</i> =&gt; <i>(ADMIN)</i>, <i>date()</i> =&gt; <i>(20012-10-19)</i>,... <br />
</ul>
<img src="<?php echo h($baseurl);?>/img/doc/search_log.png" alt = "Search log" style="float:right;" title = "You can search the logs using this form, narrow down your search by filling out several fields."/>
<img src="<?php echo $baseurl;?>/img/doc/search_log.png" alt = "Search log" style="float:right;" title = "You can search the logs using this form, narrow down your search by filling out several fields."/>
<h3>Searching the Logs:</h3>
Another way to browse the logs is to search it by filtering the results according to the following fields (the search is a sub-string search, the sub-string has to be an exact match for the entry in the field that is being searched for):<br /><br />
<ul>
@ -229,7 +229,7 @@
<li><b>Retries</b>: Currently unused, it is planned to introduced automatic delayed retries for the background processing to add resilience.</li>
<li><b>Progress</b>: A progress bar showing how the job is coming along.</li>
</ul>
<br /><img src="<?php echo h($baseurl);?>/img/doc/jobs.png" alt = "" title = "Site administrators can monitor the process of all queued jobs here."/><br />
<br /><img src="<?php echo $baseurl;?>/img/doc/jobs.png" alt = "" title = "Site administrators can monitor the process of all queued jobs here."/><br />
<h3>Scheduling Jobs and Recurring Jobs</h3>
Apart from off-loading long-lasting jobs to the background workers, there is a second major benefit of enabling the background workers: Site-administrators can schedule recurring tasks for the jobs that generally take the longest to execute. At the moment this includes pushing / pulling other instances and generating a full export cache for every organisation and export type. MISP comes with these 3 tasks pre-defined, but further tasks are planned. The following fields make up the scheduled tasks table: <br /><br />
<ul>
@ -241,7 +241,7 @@
<li><b>Description</b>: A brief description of the task.</li>
<li><b>Message</b>: This field shows when the job was queued by the scheduler for execution. </li>
</ul>
<br /><img src="<?php echo h($baseurl);?>/img/doc/schedule.png" alt = "" title = "Site administrators can schedule reccuring tasks on this page."/><br />
<br /><img src="<?php echo $baseurl;?>/img/doc/schedule.png" alt = "" title = "Site administrators can schedule reccuring tasks on this page."/><br />
<h2 ><a id="diagnostics"></a>Frequently asked questions</h2>
<b>Losing access to the platform and resetting the password</b><br /><br />
If you ever lock yourself out of MISP as a site admin, there is a command line tool to reset your password. This can also be handy if you have changed the salt key and invalidated all of the passwords.<br />

2
app/View/Pages/doc/categories_and_types.ctp
View File

@ -77,5 +77,5 @@
</tr>
<?php endforeach;?>
</table>
<p><a href="<?php echo h($baseurl);?>/pages/display/doc/md/categories_and_types">Click here to get the .md version for gitbook generation.</a></p>
<p><a href="<?php echo $baseurl;?>/pages/display/doc/md/categories_and_types">Click here to get the .md version for gitbook generation.</a></p>
</div>

2
app/View/Pages/doc/general.ctp
View File

@ -13,7 +13,7 @@
<div class="index">
<h2>General Layout</h2>
<h3>The top bar</h3>
<p><img src="<?php echo h($baseurl);?>/img/doc/menu_image.png" alt = "" title = "This is the main menu that will be accessible from all of the views. In some instances, some additional buttons that will appear on top of these when a view provides it."/></p>
<p><img src="<?php echo $baseurl;?>/img/doc/menu_image.png" alt = "" title = "This is the main menu that will be accessible from all of the views. In some instances, some additional buttons that will appear on top of these when a view provides it."/></p>
<p>This menu contains all of the main functions of the site as a series of dropdown menues. These contains all (from the current user's perspective) accessible functions sorted into several groups.</p>
<ul>
<li><b>Home button:</b> This button will return you to the start screen of the application, which is the event index page (more about this later).</li>

6
app/View/Pages/doc/quickstart.ctp
View File

@ -17,10 +17,10 @@ targeted malware and attacks within your community of trusted members. It is a c
non-technical information. Exchanging this information should result in faster detection of targeted attacks and improve the detection ratio,
while also reducing the number of false positives.</p>
<h3>Create an Event</h3>
<p><img src="<?php echo h($baseurl);?>/img/doc/quick_create.jpg" alt = "" title = ""/></p>
<p><img src="<?php echo $baseurl;?>/img/doc/quick_create.jpg" alt = "" title = ""/></p>
<h3>Browsing past Events</h3>
<p><img src="<?php echo h($baseurl);?>/img/doc/quick_browse.jpg" alt = "" title = ""/></p>
<p><img src="<?php echo $baseurl;?>/img/doc/quick_browse.jpg" alt = "" title = ""/></p>
<h3>Export Events for logsearches</h3>
<p><img src="<?php echo h($baseurl);?>/img/doc/quick_export.jpg" alt = "" title = ""/></p>
<p><img src="<?php echo $baseurl;?>/img/doc/quick_export.jpg" alt = "" title = ""/></p>
</div>

8
app/View/Pages/doc/user_management.ctp
View File

@ -23,10 +23,10 @@
<ul>
<li><b>Acceping the Terms of use:</b> The terms of use are shown immediately after logging in for the first time, make sure to read through this page before clicking "Accept Terms" at the bottom of the page.<br /><br /></li>
<li><b>Changing the password:</b> After accepting the ToU, you'll be prompted to change your password, but keep in mind that it has to be at least 6 characters long, it has to include at least one upper-case and one lower-case character in addition to a digit or a special character. Enter the same password into the confirm password field, before clicking submit to finalise the change.<br /><br />
<p><img src="<?php echo h($baseurl);?>/img/doc/password.png" alt = "" title="Changing the password"></p><br /></li>
<p><img src="<?php echo $baseurl;?>/img/doc/password.png" alt = "" title="Changing the password"></p><br /></li>
<li><b>Setting up the GPG Key:</b> In order for the system to be able to encrypt the messages that you send through it, it needs to know your GPG key. Navigate to the Edit profile view (My Profile on the left -&gt; Edit profile in the top right corner). Paste the key into the Gpgkey field and click submit.<br /><br /></li>
<li><b>Subscribing to Auto-alerts:</b> Turning auto-alerts on will allow the system to send you e-mail notifications about any new public events entered into the system by other users and private events added by members of your organisation. To turn this on, navigate to the Edit profile view (My profile on the left navigation menu -&gt; Edit profile in the top right corner). Tick the auto-alert checkbox and click submit to enable this feature.<br /><br />
<p><img src="<?php echo h($baseurl);?>/img/doc/alerts.png" alt = "" title="Use these checkboxes to subscribe to auto-alerts and contact reporter e-mails."></p><br /></li>
<p><img src="<?php echo $baseurl;?>/img/doc/alerts.png" alt = "" title="Use these checkboxes to subscribe to auto-alerts and contact reporter e-mails."></p><br /></li>
<li><b>Subscribing to e-mails sent via the "Contact Reporter" functionality:</b> This feature is turned on right below the autoalerts and will allow you to receive e-mails addressed to your organisation whenever a user tries to ask about an event that was posted by a user of your organisation. Keep in mind that you can still be addressed by such a request even when this setting is turned off, if someone tries to contact you as the event creator directly or your organisation for an event that you personally have created then you will be notified.<br /><br />
<li><b>Reviewing the Terms &amp; Conditions:</b> To review the Terms &amp; Conditions or to read the User Guide, use the appropriate button on the left navigation menu.<br /><br /></li>
<li><b>Making sure that compatibility mode is turned off (IE9&amp;IE10):</b>Compatibility mode can cause some elements to appear differently than intended or not appear at all. Make sure you have this option turned off.</li></ul>
@ -35,7 +35,7 @@
To alter any details regarding your profile, use the "My Profile" menu button to bring up the profile overview and then click on "Edit Profile" in the right upper corner.<br>
<ul>
<li style="list-style: none">
<p><img src="<?php echo h($baseurl);?>/img/doc/edit_user.png" title="Change any of your profile settings here."></p><br>
<p><img src="<?php echo $baseurl;?>/img/doc/edit_user.png" title="Change any of your profile settings here."></p><br>
</li>
<li><b>Changing your e-mail address:</b> Your e-mail address serves as both a login name and as a means of communication with other users of the MISP system via the contact reporter feature. To change your e-mail address, just enter the edit profile menu (My profile on the left navigation menu -&gt; Edit profile in the top right corner) and change the field titled Email.<br /><br /></li>
<li><b>Changing the password:</b> As a next step, change the password provided by your administrator to something of your own choosing. Click on My profile on the left navigation menu, under Global Actions, which will bring up the User view. Click on Edit User on the left navigation menu or Edit Profile in the top right corner. This next screen, allows you to edit your details, including your password, by filling out the password field. Keep in mind that the password has to be at least 6 characters long, has to include at least one upper-case and one lower-case character in addition to a digit or a special character. Enter the same password into the confirm password field, before clicking submit to finalise the change.<br /><br /></li>
@ -43,7 +43,7 @@ To alter any details regarding your profile, use the "My Profile" menu button to
<li><b>Subscribing to e-mails sent via the "Contact Reporter" functionality:</b> Turning this feature on will allow you to receive e-mails addressed to your organisation whenever a user tries to ask about an event that was posted by a user of your organisation. Keep in mind that you can still be addressed by such a request even when this setting is turned off, if someone tries to contact the person that reported an event that you yourself have created.<br /><br /></li>
<li><b>Setting up the GPG Key:</b> In order for the system to be able to encrypt the messages that you send through it, it needs to know your GPG key. You can acquire this by clicking on the PGP/GPG key link at the bottom left of the screen. Copy the entirety of the key and navigate to the Edit profile view (My Profile on the left -&gt; Edit profile in the top right corner). Paste the key into the Gpgkey field and click submit.<br /><br /></li>
<li><b>Requesting a new authentication key:</b> It is possible to make the system generate a new authentication key for you (for example if your previous one gets compromised. This can be accessed by clicking on the My Profile button and then clicking the reset key next to the currently active authentication code. The old key will become invalid when the new one is generated.<br /><br />
<p><img src="<?php echo h($baseurl);?>/img/doc/reset.png" alt = "" title="Clicking on reset will generate a new key for you and invalidate the old one, blocking it from being used."></p></li></ul>
<p><img src="<?php echo $baseurl;?>/img/doc/reset.png" alt = "" title="Clicking on reset will generate a new key for you and invalidate the old one, blocking it from being used."></p></li></ul>
<hr />
<a id="uptodate"></a><h3>Staying up to date:</h3>
MISP also provides its users with some information about itself and its users through the links provided in the Global Actions menu.<br><br>

66
app/View/Pages/doc/using_the_system.ctp
View File

@ -28,7 +28,7 @@
The process of entering an event can be split into 3 phases, the creation of the event itself, populating it with attributes
and attachments and finally publishing it.<br /><br />
During this first step, you will be create a basic event without any actual attributes, but storing general information such as a description, time and risk level of the incident. To start creating the event, click on the New Event button on the left and fill out the form you are presented with. The following fields need to be filled out:<br /><br />
<p><img src="<?php echo h($baseurl);?>/img/doc/add_event.png" alt = "" style="float:right;" title = "Fill this form out to create a skeleton event, before proceeding to populate it with attributes and attachments."/></p>
<p><img src="<?php echo $baseurl;?>/img/doc/add_event.png" alt = "" style="float:right;" title = "Fill this form out to create a skeleton event, before proceeding to populate it with attributes and attachments."/></p>
<ul>
<li><b>Date:</b> The date when the incident has happened. Just click this field and a date-picker will pop up where you can select the desired date.</li>
<li><b>Distribution:</b>
@ -81,11 +81,11 @@ and attachments and finally publishing it.<br /><br />
<a id="create_attribute"></a><h3>Add attributes to the event:</h3>
The second step of creating an event is to populate it with attributes and attachments. This can be done by adding them manually or importing the attributes from an external format (OpenIOC, ThreatConnect). To import from an external format or to upload an attachment use the options in the menu on the left.<br />
<br />
<img src="<?php echo h($baseurl);?>/img/doc/attribute_tools.png" alt="Attribute tools" title = "Use these tools to populate the event."/><br /><br />
<img src="<?php echo $baseurl;?>/img/doc/attribute_tools.png" alt="Attribute tools" title = "Use these tools to populate the event."/><br /><br />
<p>Using the above shown buttons, you can populate an event using various tools that will be explained in the following section. Let's start with the Add Attribute button.</p>
<h4>Add Attribute</h4>
<p>Keep in mind that the system searches for regular expressions in the value field of all attributes when entered, replacing detected strings within it as set up by the server's administrator (for example to enforce standardised capitalisation in paths for event correlation or to bring exact paths to a standardised format). The following fields need to be filled out:</p>
<p><img src="<?php echo h($baseurl);?>/img/doc/add_attribute.png" alt = "Add attribute" title = "This form allows you to add attributes."/></p>
<p><img src="<?php echo $baseurl;?>/img/doc/add_attribute.png" alt = "Add attribute" title = "This form allows you to add attributes."/></p>
<ul>
<li><b>Category:</b> This drop-down menu explains the category of the attribute, meaning what aspect of the malware this attribute is describing. This could mean the persistence mechanisms of the malware or network activity, etc. For a list of valid categories, <?php echo $this->Html->link(__('click here', true), array('controller' => 'pages', 'action' => 'display', 'doc', 'categories_and_types')); ?></li>
<li><b>Type:</b> Whilst categories determine what aspect of an event they are describing, the Type explains by what means that aspect is being described. As an example, the source IP address of an attack, a source e-mail address or a file sent through an attachment can all describe the payload delivery of a malware. These would be the types of attributes with the category of payload deliver. For an explanation of what each of the types looks like together with the valid combinations of categories and types, <?php echo $this->Html->link(__('click here', true), array('controller' => 'pages', 'action' => 'display', 'doc', 'categories_and_types')); ?>.</li>
@ -101,10 +101,10 @@ The second step of creating an event is to populate it with attributes and attac
<h3>Populate from Template</h3>
<p>Templates allow users to rapidly populate events of a specific type by filling out a series of pre-defined fields. Users with template creation privileges can create new templates for their organisations or for all organisations on their instance. If you are interested in template creation, please refer to the templating section.<br />
For users trying to populate an event, after clicking on the populate from template button, you'll be presented with a list of all currently accessible templates. Pick the one that best describes the event that you are creating. </p>
<img src="<?php echo h($baseurl);?>/img/doc/template_choice.png" alt="Template Choice" title = "Choose the most appropriate template for your event."/><br /><br />
<img src="<?php echo $baseurl;?>/img/doc/template_choice.png" alt="Template Choice" title = "Choose the most appropriate template for your event."/><br /><br />
<p>Once you have chosen a template, you'll be presented with the actual form contained within. Make sure you fill out as many fields as possible with the mandatory fields - marked by a star in a bracket such as this: (*) - are filled out.<br />
Templates are devided into sections, with each section having a title and a description in addition to a series of fields. Each field can be an attribute or a file attachment field. An attribute field has the following components:</p>
<img src="<?php echo h($baseurl);?>/img/doc/template_field.png" alt="Template Field" title = "MISP will generate attributes based on the field's settings and the data that you provide."/><br /><br />
<img src="<?php echo $baseurl;?>/img/doc/template_field.png" alt="Template Field" title = "MISP will generate attributes based on the field's settings and the data that you provide."/><br /><br />
<ul>
<li><b>Field</b>: The name of the field along with an indication if the field is mandatory.</li>
<li><b>Description</b>: A short description of the field.</li>
@ -112,17 +112,17 @@ Templates are devided into sections, with each section having a title and a desc
<li><b>Text field</b>: This field can either be a single line textfield or a multi-line text area. For the former, enter a single value of the above indicated type, whilst for the latter you cna paste a list of values separated by line-breaks.</li>
</ul>
<h3>Freetext Import Tool</h3>
<img src="<?php echo h($baseurl);?>/img/doc/freetext1.png" alt="Freetext" title = "Just paste a line-break separated list of indicators into the freetext import tool."/><br /><br />
<img src="<?php echo $baseurl;?>/img/doc/freetext1.png" alt="Freetext" title = "Just paste a line-break separated list of indicators into the freetext import tool."/><br /><br />
<p>If you have a list of indicators that you would like to quickly generate attributes out of then the Free-text import tool is just what you need. Simply paste a list of indicators (separated by line-breaks into this tool).</p>
<img src="<?php echo h($baseurl);?>/img/doc/freetext2.png" alt="Freetext" title = "MISP will often find several valid category/type combinations for the values. Do last minute adjustments on the result page."/><br /><br />
<img src="<?php echo $baseurl;?>/img/doc/freetext2.png" alt="Freetext" title = "MISP will often find several valid category/type combinations for the values. Do last minute adjustments on the result page."/><br /><br />
<p>Since there are several category / type combinations that can be valid for a lot of values, MISP will suggest the most common settings. You can alter the category / type / IDS fields manually if you disagree with the results. The options will be restricted to valid category/type combinations for the value that you have entered.</p>
<h3>Attribute Replace Tool</h3>
<p>If you would like to create and maintain an event with a set of indicators that receives removals and additions over time, then the attribute replace tool might make this task easier for you.</p>
<img src="<?php echo h($baseurl);?>/img/doc/attribute_replace_tool.png" alt="Attribute Replace Tool" title = "Select a category/type combination and paste the updated list of indicators into the textarea."/><br /><br />
<img src="<?php echo $baseurl;?>/img/doc/attribute_replace_tool.png" alt="Attribute Replace Tool" title = "Select a category/type combination and paste the updated list of indicators into the textarea."/><br /><br />
<p>Simply select the desired category / type combination, choose whether the attributes should be marked for IDS exports and paste the new list of indicators into the textarea. Attributes of the same category/type that are present in the event but not the new list will be removed, values in the pasted list that do not yet exist as attributes will be created as attributes and values that already have matching attributes will be left untouched.</p>
<h3>Add attachments to the event:</h3>
You can also upload attachments, such as the malware itself, report files from external analysis or simply artifacts dropped by the malware. Clicking on the add attachment button brings up a form that allows you to quickly attach a file to the event. The following fields need to be filled out:<br /><br />
<p><img src="<?php echo h($baseurl);?>/img/doc/add_attachment.png" alt = "Add attachment" title = "Point the uploader to the file you want to upload. Make sure to mark it as malware if the uploaded file is harmful, that way it will be neutralised."/></p><br />
<p><img src="<?php echo $baseurl;?>/img/doc/add_attachment.png" alt = "Add attachment" title = "Point the uploader to the file you want to upload. Make sure to mark it as malware if the uploaded file is harmful, that way it will be neutralised."/></p><br />
<ul>
<li><b>Category:</b> The category is the same as with the attributes, it answers the question of what the uploaded file is meant to describe.</li>
<li><b>Distribution:</b> This drop-down list allows you to control who will be able to see this attachment.
@ -135,19 +135,19 @@ You can also upload attachments, such as the malware itself, report files from e
<hr />
<h3>Propose a change to an event that belongs to another organisation</h3>
If you would like to propose a modification to an attribute, or to propose some additional attributes to the creating organisation, you can do this with the buttons that replace the add attribute field on the left and the edit icon on the right end of each listed attribute in the event view. The creating organisation of the event will be able to see any proposals and discard or accept the changes.
<p><img src="<?php echo h($baseurl);?>/img/doc/proposal.png" alt = "Propose attribute" title = "An attribute with a proposal attached will turn blue and the proposal itself will be grey. If there is a grey proposal without a blue attribute infront of it, it means that someone has proposed a new attribute"/></p><br />
<p><img src="<?php echo $baseurl;?>/img/doc/proposal.png" alt = "Propose attribute" title = "An attribute with a proposal attached will turn blue and the proposal itself will be grey. If there is a grey proposal without a blue attribute infront of it, it means that someone has proposed a new attribute"/></p><br />
If the organisation that has created the event is on another connected server, they will be able to accept the proposal once they initiate a pull and receive your proposal. After this they can republish the event, sending the altered attribute back to your instance.
<hr />
<h3>Populate from OpenIOC</h3>
It is also possible to attempt to import the data contained in a .ioc file, The import tool will attempt to gather as many IndicatorItems within nested logical operators as possible without breaking their validity. After the procedure is done, you'll be presented with a list of successfully created attributes and a list of failed IndicatorItems as well as a graph of the .ioc file.
<p><img src="<?php echo h($baseurl);?>/img/doc/ioc1.png" alt = "OpenIOC1" title = "The import tool will list the successful and failed entries after the process is done."/></p><br />
<p><img src="<?php echo h($baseurl);?>/img/doc/ioc2.png" alt = "OpenIOC2" title = "You'll also be able to see a graph of the imported .ioc file and how successful the import was."/></p><br />
<p><img src="<?php echo $baseurl;?>/img/doc/ioc1.png" alt = "OpenIOC1" title = "The import tool will list the successful and failed entries after the process is done."/></p><br />
<p><img src="<?php echo $baseurl;?>/img/doc/ioc2.png" alt = "OpenIOC2" title = "You'll also be able to see a graph of the imported .ioc file and how successful the import was."/></p><br />
<hr />
<h3>Populate from ThreatConnect</h3>
You can also import the data from a ThreatConnect export csv file. The following columns are used by the import tool (and are thus mandatory fields to select during the export): <br /><ul><li>Type</li><li>Value</li><li>Confidence</li><li>Description</li><li>Source</li></ul>The result will be a list of attributes that get added to the currently selected event, each of which will be marked with a comment that indicates that its origin being from a ThreatConnect import.
<hr />
<h3>Publish an event:</h3>
<p><img src="<?php echo h($baseurl);?>/img/doc/publish.png" alt = "Publish" style="float:right;" title = "Only use publish (no email) for minor changes such as the correction of typos."/></p><br />
<p><img src="<?php echo $baseurl;?>/img/doc/publish.png" alt = "Publish" style="float:right;" title = "Only use publish (no email) for minor changes such as the correction of typos."/></p><br />
Once all the attributes and attachments that you want to include with the event are uploaded / set, it is time to finalise its creation by publishing the event (click on publish event in the event view). This will alert the eligible users of it (based on the private-controls of the event and its attributes/attachments and whether they have auto-alert turned on), push the event to instances that your instance connects to and propagate it further based on the distribution rules. It also readies the network related attributes for NIDS signature creation (through the NIDS signature export feature, for more information, go to the export section.).<br /><br />
There is an alternate way of publishing an event without alerting any other users, by using the "publish (no email)" button. This should only be used for minor edits (such as correcting a typo). <br />
<br />
@ -157,7 +157,7 @@ If your instance has background jobs enabled then the event might not get publis
The MISP interface allows the user to have an overview over or to search for events and attributes of events that are already stored in the system in various ways.<br /><br />
<h3>To list all events:</h3>
On the left menu bar, the option "List events" will generate a list of the last 60 events. While the attributes themselves aren't shown in this view, the following pieces of information can be seen:<br /><br />
<img src="<?php echo h($baseurl);?>/img/doc/list_events2.png" alt = "List events" title = "This is the list of events in the system. Use the buttons to the right to alter or view any of the events."/><br /><br />
<img src="<?php echo $baseurl;?>/img/doc/list_events2.png" alt = "List events" title = "This is the list of events in the system. Use the buttons to the right to alter or view any of the events."/><br /><br />
<ul>
<li><b>Published:</b> Already published events are marked by a checkmark. Unpublished events are marked by a cross.</li>
<li><b>Org:</b> The organisation that created the event.</li>
@ -199,7 +199,7 @@ On the left menu bar, the option "List events" will generate a list of the last
<h3>Filters</h3>
<p>It is also possible to filter the events shown by clicking on the small magnifying glass icons next to the field names and entering a filter term.</p>
<h3>Event view</h3>
<img src="<?php echo h($baseurl);?>/img/doc/event_detail.png" alt = "Event" title = "This view includes the basic information about an event, a link to related events, all attributes and attachments with tools to modify or delete them and extra functions for publishing the event or getting in touch with the event's reporter."/><br /><br />
<img src="<?php echo $baseurl;?>/img/doc/event_detail.png" alt = "Event" title = "This view includes the basic information about an event, a link to related events, all attributes and attachments with tools to modify or delete them and extra functions for publishing the event or getting in touch with the event's reporter."/><br /><br />
<b>General Event Information</b>
<ul>
<li><b>ID:</b> The ID of the event.</li>
@ -230,8 +230,8 @@ The currently selected event is coloured blue in the graph. If you would like to
A list of all attributes and proposals attached to the event. The fields for each of them only differ in the available actions and the fact that for proposals to attributes all fields are blank that would stay unchanged if the proposal was accepted (for example, proposing a change to an attribute to turn the IDS flag on will have all fields apart from the IDS flag blank in the proposal. Here is a list of what each of the fields represents: <br />
<ul>
<li><b>Date</b>: The date of the last modification to the attribute. Proposals don't have a date of last edit.</li>
<li><b>Category</b>: The category of the attribute or proposal. For a list of possible categories visit the section on <a href="<?php echo h($baseurl);?>/pages/display/doc/categories_and_types">categories and types</a>.</li>
<li><b>Type</b>: The type of the attribute or proposal. For a list of possible categories visit the section on <a href="<?php echo h($baseurl);?>/pages/display/doc/categories_and_types">categories and types</a>.</li>
<li><b>Category</b>: The category of the attribute or proposal. For a list of possible categories visit the section on <a href="<?php echo $baseurl;?>/pages/display/doc/categories_and_types">categories and types</a>.</li>
<li><b>Type</b>: The type of the attribute or proposal. For a list of possible categories visit the section on <a href="<?php echo $baseurl;?>/pages/display/doc/categories_and_types">categories and types</a>.</li>
<li><b>Value</b>: The value or value-pair of the attribute. This is the main payload of the attribute, which is described by the category and type columns. For certain types of attributes that are made up of value-pairs the two parts will be split by a pipe (|), such as for filename|md5. The value field(s) are used by the correlation engine to find relations between events. In value-pair attributes both values are correlated individually. </li>
<li><b>Comment</b>: Attributes can have a contextual comment to further describe the attribute. These comments are not used for correlation and are purely informative. </li>
<li><b>Related Events</b>: A list of the event IDs that also contain an attribute with the same value. </li>
@ -276,7 +276,7 @@ Here is a list of the various tools you can use while using this feature:<br /><
<hr />
<h3>Listing all attributes:</h3>
Apart from having a list of all the events, it is also possible to get a list of all the stored attributes in the system by clicking on the list attributes button. The produced list of attributes will include the followings fields:<br /><br />
<img src="<?php echo h($baseurl);?>/img/doc/list_attributes2.png" alt = "" title = "Use the buttons to the right to view the event that this attribute belongs to or to modify/delete the attribute."/><br /><br />
<img src="<?php echo $baseurl;?>/img/doc/list_attributes2.png" alt = "" title = "Use the buttons to the right to view the event that this attribute belongs to or to modify/delete the attribute."/><br /><br />
<ul>
<li><b>Event:</b> This is the ID number of the event that the attribute is tied to. If an event belongs to your organisation, then this field will be coloured red.</li>
<li><b>Org:</b> The organisation that has created the event.</li>
@ -290,11 +290,11 @@ Here is a list of the various tools you can use while using this feature:<br /><
<hr />
<h3>Searching for attributes:</h3>
Apart from being able to list all events, it is also possible to search for data contained in the value field of an attribute, by clicking on the "Search Attributes" button.<br /><br />
<img src="<?php echo h($baseurl);?>/img/doc/search_attribute.png" alt = "Search attribute" title = "You can search for attributes by searching for a phrase contained in its value. Narrow your search down by selecting a type and/or a category which the event has to belong to."/><br /><br />
<img src="<?php echo $baseurl;?>/img/doc/search_attribute.png" alt = "Search attribute" title = "You can search for attributes by searching for a phrase contained in its value. Narrow your search down by selecting a type and/or a category which the event has to belong to."/><br /><br />
This will bring up a form that lets you enter one or several search strings (separate search strings with line breaks) that will be compared to the values of all attributes, along with options to narrow down the search based on category and type. The entered search string has to be an exact match with (the sub-string of) a value. A second text field makes it possible to enter event IDs for events that should be excluded from the search (again, each line represents an event ID to be excluded). The third text field allows the user to restrict the results to attributes from certain organisations or to attributes not created by certain other organisations, using the above described syntax.<br /><br />
The list generated by the search will look exactly the same as listing all attributes, except that only the attributes that matched the search criteria will be listed (to find out more about the list attributes view, <?php echo $this->Html->link(__('click here', true), array('controller' => 'pages', 'action' => 'display', 'doc', 'categories_and_types')); ?>.). The search parameters will be shown above the produced list and the search terms will be highlighted.<br /><br />
The last option is a checkbox that restricts all of the results to attributes that are marked as IDS signatures.<br />
<br /><img src="<?php echo h($baseurl);?>/img/doc/search_attribute_result.png" alt = "" title = "You can view the event that an attribute belongs to with the view button, or you can edit/delete the attribute via the buttons on the right."/><br />
<br /><img src="<?php echo $baseurl;?>/img/doc/search_attribute_result.png" alt = "" title = "You can view the event that an attribute belongs to with the view button, or you can edit/delete the attribute via the buttons on the right."/><br />
<hr />
<a id="update_events"></a><h2>Updating and modifying events and attributes:</h2>
Every event and attribute can easily be edited. First of all it is important to find the event or attribute that is to be edited, using any of the methods mentioned in the section on <a href="#browsing_events">browsing past events</a>.<br /><br />
@ -303,7 +303,7 @@ Keep in mind that editing any event (either directly or indirectly through an at
<hr />
<a id="tagging"></a><h2>Tagging:</h2>
<p>As described earlier, users with tagging rights can arbitrarily tag events using tags chosen from a pool of available options. If you have tagging privileges and would like to create a new tag, navigate to Event Actions - Add Tag. You'll be presented with the following form:</p>
<img src="<?php echo h($baseurl);?>/img/doc/tag.png" alt = "Add tag" title = "Enter a name for the tag and click on the color field to be able to pick a colour for it."/><br /><br />
<img src="<?php echo $baseurl;?>/img/doc/tag.png" alt = "Add tag" title = "Enter a name for the tag and click on the color field to be able to pick a colour for it."/><br /><br />
<p>Fill out the following fields:</p>
<ul>
<li><b>Name</b>: Pick a name for the tag. Try to use consistent naming conventions across your instance, to avoid confusion.</li>
@ -314,7 +314,7 @@ Keep in mind that editing any event (either directly or indirectly through an at
<p>Newer users can easily be overwhelmed by having to manually populate events with attributes without any guidance. What sort of information should go into the event? What should be the category and type of a C2 IP? Templates allow users to use simple forms to populate events.<br /><br />
Even though MISP ships with a few default templates, it is possible for users (with the appropriate templating privilege) to create new templates for their users or for all users of the instance. Let's look at how you can create a template.<br />
First go to Event Actions - Add Template to go to the event creation view.</p>
<img src="<?php echo h($baseurl);?>/img/doc/create_template.png" alt = "Create Template" title = "Fill in the generic information about the template."/><br /><br />
<img src="<?php echo $baseurl;?>/img/doc/create_template.png" alt = "Create Template" title = "Fill in the generic information about the template."/><br /><br />
<p>The following fields have to be filled out:</p>
<ul>
<li><b>Name</b>: The name of the template should describe what type of an event it should be used to generate attributes.</li>
@ -324,7 +324,7 @@ First go to Event Actions - Add Template to go to the event creation view.</p>
</ul>
<p>Once the skeleton template is created, you can start populating the template with data. There are 3 types of elements that can be used during the creation of a template: attribute, file and text elements. Text elements divide the template into sections with an information field, followed by all of the attribute/file fields until a new text field is read. Don't worry about the order of the elements during creation, they can be re-arranged using drag &amp; drop. Let's look at the 3 element types:</p>
<p><b>Attribute Element</b></p>
<img src="<?php echo h($baseurl);?>/img/doc/template_attribute.png" alt = "Template Attribute Element" title = "This element will generate regular attributes based on user entry."/><br /><br />
<img src="<?php echo $baseurl;?>/img/doc/template_attribute.png" alt = "Template Attribute Element" title = "This element will generate regular attributes based on user entry."/><br /><br />
<p>The following fields have to be filled out:</p>
<ul>
<li><b>Name</b>: The field name that will be presented to the user.</li>
@ -337,7 +337,7 @@ First go to Event Actions - Add Template to go to the event creation view.</p>
<li><b>Batch import element</b>: Allow for multiple values to be entered (separated by line breaks).</li>
</ul>
<p><b>File Element</b></p>
<img src="<?php echo h($baseurl);?>/img/doc/template_file.png" alt = "Template File Element" title = "This element will generate attachments based on user entry."/><br /><br />
<img src="<?php echo $baseurl;?>/img/doc/template_file.png" alt = "Template File Element" title = "This element will generate attachments based on user entry."/><br /><br />
<p>The following fields have to be filled out:</p>
<ul>
<li><b>Name</b>: The field name that will be presented to the user.</li>
@ -348,7 +348,7 @@ First go to Event Actions - Add Template to go to the event creation view.</p>
<li><b>Batch import element</b>: Ticking this checkbox allows users to upload several files using this element.</li>
</ul>
<p><b>Text Element</b></p>
<img src="<?php echo h($baseurl);?>/img/doc/template_text.png" alt = "Template Text Element" title = "This element will start a section in the template, which continues until the next text element or the end of the template."/><br /><br />
<img src="<?php echo $baseurl;?>/img/doc/template_text.png" alt = "Template Text Element" title = "This element will start a section in the template, which continues until the next text element or the end of the template."/><br /><br />
<p>The following fields have to be filled out:</p>
<ul>
<li><b>Name</b>: The name of the section that will be presented to the user.</li>
@ -358,19 +358,19 @@ First go to Event Actions - Add Template to go to the event creation view.</p>
<a id="contact"></a><h2>Contacting the reporter:</h2>
To get in touch with the reporter of a previously registered event, just find the event for which you would like to contact the reporter by either finding it on the list of events, by finding it through one of its attributes or by finding it through a related event.<br /><br />
Once the event is found and the event view opened, click the button titled "Contact Reporter". This will bring up a view where you can enter your message that is to be e-mailed to all members of the reporting organisation that subscribe to receiving such reports or the reporting user himself. Along with your message, the detailed information about the event in question will be included in the e-mail.<br /><br />
<br /><img src="<?php echo h($baseurl);?>/img/doc/contact_reporter.png" alt = "" title = "Enter your message to the reporter and choose whether his/her entire organisation should get the message or not by ticking the check-box."/><br /><br />
<br /><img src="<?php echo $baseurl;?>/img/doc/contact_reporter.png" alt = "" title = "Enter your message to the reporter and choose whether his/her entire organisation should get the message or not by ticking the check-box."/><br /><br />
By default, the message will be sent to every member of the organisation that posted the event in the first place, but if you tick the check-box below the message field before sending the mail, only the person that reported the event will get e-mailed. <br />
<hr />
<a id="automation"></a><h2>Automation:</h2>
It is possible to quickly and conveniently export the data contained within the system using the automation features located in the main menu on the left (available to users with authentication key access only). There are various sets of data that can be exported, by using the authentication key provided by the system (also shown on the export page). If for whatever reason you would need to invalidate your current key and get a new one instead (for example due to the old one becoming compromised) just hit the reset link next to the authentication key in the export view or in your "my profile" view.<br /><br />
To find out about the various export formats and the usage within the automation functions, please read the page on <a href="<?php echo h($baseurl);?>/events/automation">automation</a>.
To find out about the various export formats and the usage within the automation functions, please read the page on <a href="<?php echo $baseurl;?>/events/automation">automation</a>.
<hr />
<a id="export"></a><h2>Exporting data:</h2>
For users that do not have authentication key access, an alternate export feature is available that relies on your interactive login to the site. To access these, just use the export menu button to the left and you'll be presented with a list of export options.<br /><br/>
Depending on your server's configuration, you will be presented with one of two possible pages, depending on whether you have background processing enabled or not. (The setting on this instance is currently set to: <code><?php echo (Configure::read('MISP.background_jobs') == true ? 'On' : 'Off'); ?></code>)<br /><br />
<br /><h4>Export page with background jobs <code>disabled</code></h4>
The page will list a set of export formats that you can immediately download as a file. Just click on the desired export format and MISP will start collecting all the data that you will receive in a file. Keep in mind that this can be a lengthy process. To avoid having to wait, consult with your instance's site administrator about enabling the background processing.<br />
<br /><img src="<?php echo h($baseurl);?>/img/doc/export.png" alt = "" title = "Use the export features here to quickly download data in various formats"/><br />
<br /><img src="<?php echo $baseurl;?>/img/doc/export.png" alt = "" title = "Use the export features here to quickly download data in various formats"/><br />
<br /><h4>Export page with background jobs <code>enabled</code></h4>
If the background jobs are enabled, you'll be redirected to a different version of the export page. Here you will see a table with all of the major export formats and the current status of the cached export files. Keep in mind that these are generated on an organisation by organisation basis, so even though others have generated newer export caches your organisation may have an outdated cache. You can simply issue a generate command (by clicking the "Generate" button) on the desired export type and the background workers will start fetching and assembling your cache. A progress bar will show the progress of the export process.<br />
Once done, you can click "Download" to download the freshly generated cache file. If the cache is already up to date from before, then you don't have to regenerate the cache, just click on the "download" button. <br /> <br />
@ -384,18 +384,18 @@ A quick description of each of the fields in the table:<br /><br />
<li><b>Progress</b>: Shows the progress of the last initiated generation process.</li>
<li><b>Actions</b>: Download or Generate the given cache with these buttons. </li>
</ul>
<br /><img src="<?php echo h($baseurl);?>/img/doc/export_bg.png" alt = "" title = "Use the export features here to quickly download data in various formats"/><br />
<br /><img src="<?php echo $baseurl;?>/img/doc/export_bg.png" alt = "" title = "Use the export features here to quickly download data in various formats"/><br />
<br /><h4>Exporting search results and individual events</h4>
Apart from the options offered by the export pages, it's also possible to export all events involved in a search attribute result table, by using the "Download results as XML" button on the left menu bar. <br /><br />
<br /><img src="<?php echo h($baseurl);?>/img/doc/export_search.png" alt = "" title = "Download a .xml from all the events that are shown through an attribute in the search results."/><br /><br />
<br /><img src="<?php echo $baseurl;?>/img/doc/export_search.png" alt = "" title = "Download a .xml from all the events that are shown through an attribute in the search results."/><br /><br />
Each event's view has its own export feature, both as an XML export and as a .ioc file. To reach these features, just navigate to an event and use the appropriate buttons on the right side.<br /><br />
<br /><img src="<?php echo h($baseurl);?>/img/doc/export_event.png" alt = "" title = "Download a .xml or a .ioc of the event."/><br /><br />
<br /><img src="<?php echo $baseurl;?>/img/doc/export_event.png" alt = "" title = "Download a .xml or a .ioc of the event."/><br /><br />
<hr />
<h2><a id="connect"></a>Connecting to other instances:</h2>
Apart from being a self contained repository of attacks/malware, one of the main features of MISP is its ability to connect to other instances and share (parts of) its information. The following options allow you to set up and maintain such connections.<br /><br />
<h3><a id="new_server"></a>Setting up a connection to another server:</h3>
In order to share data with a remote server via pushes and pulls, you need to request a valid authentication key from the hosting organisation of the remote instance. When clicking on List Servers and then on New Server, a form comes up that needs to be filled out in order for your instance to connect to it. The following fields need to be filled out:<br /><br />
<p><img src="<?php echo h($baseurl);?>/img/doc/add_server.png" alt ="Add server" title = "Make sure that you enter the authentication key that you have been given by the hosting organisation of the remote instance, instead of the one you have gotten from this one."/></p>
<p><img src="<?php echo $baseurl;?>/img/doc/add_server.png" alt ="Add server" title = "Make sure that you enter the authentication key that you have been given by the hosting organisation of the remote instance, instead of the one you have gotten from this one."/></p>
<ul>
<li><b>Base URL:</b> The URL of the remote server.</li>
<li><b>Organization:</b> The organisation that runs the remote server. It is very impoportant that this setting is filled out exactly as the organisation name set up in the bootstrap file of the remote instance.</li>
@ -412,7 +412,7 @@ In order to share data with a remote server via pushes and pulls, you need to re
</ul>
<h3>Browsing the currently set up server connections and interacting with them:</h3>
If you ever need to change the data about the linked servers or remove any connections, you have the following options to view and manipulate the server connections, when clicking on List Servers: (you will be able to see a list of all servers that your server connects to, including the base address, the organisation running the server the last pushed and pulled event IDs and the control buttons.).<br /><br />
<p><img src="<?php echo h($baseurl);?>/img/doc/list_servers.png" alt = "" title = "Apart from editing / deleting the link to the remote server, you can issue a push all or pull all command from here."/></p><br />
<p><img src="<?php echo $baseurl;?>/img/doc/list_servers.png" alt = "" title = "Apart from editing / deleting the link to the remote server, you can issue a push all or pull all command from here."/></p><br />
<ul>
<li><b>Editing the connection to the:</b> By clicking edit a view, <a href=#new_server>that is identical to the new instance view</a>, is loaded, with all the current information of the instance pre-entered.</li>
<li><b>Deleting the connection to the instance:</b> Clicking the delete button will delete the link to the instance.</li>

14
app/View/ShadowAttributes/index.ctp
View File

@ -41,13 +41,13 @@
</tr>
<?php foreach ($shadowAttributes as $event):?>
<tr>
<td class="short" onclick="document.location.href ='<?php echo h($baseurl)."/events/view/".$event['Event']['id'];?>'">
<td class="short" onclick="document.location.href ='<?php echo $baseurl."/events/view/".$event['Event']['id'];?>'">
<?php echo h($event['Event']['id']);?>
</td>
<td class="short" onclick="document.location.href ='<?php echo h($baseurl)."/events/view/".$event['Event']['id'];?>'">
<td class="short" onclick="document.location.href ='<?php echo $baseurl."/events/view/".$event['Event']['id'];?>'">
<?php echo h($event['ShadowAttribute']['org'])?>
</td>
<td class="short" onclick="document.location.href ='<?php echo h($baseurl)."/events/view/".$event['Event']['id'];?>'">
<td class="short" onclick="document.location.href ='<?php echo $baseurl."/events/view/".$event['Event']['id'];?>'">
<?php
if ($event['ShadowAttribute']['old_id'] != 0) {
echo 'Attribute edit';
@ -56,16 +56,16 @@
}
?>
</td>
<td onclick="document.location.href ='<?php echo h($baseurl)."/events/view/".$event['Event']['id'];?>'">
<td onclick="document.location.href ='<?php echo $baseurl."/events/view/".$event['Event']['id'];?>'">
<?php echo h($event['Event']['info']); ?>
</td>
<td onclick="document.location.href ='<?php echo h($baseurl)."/events/view/".$event['Event']['id'];?>'">
<td onclick="document.location.href ='<?php echo $baseurl."/events/view/".$event['Event']['id'];?>'">
<?php echo h($event['ShadowAttribute']['value']);?>
</td>
<td class="short" onclick="document.location.href ='<?php echo h($baseurl)."/events/view/".$event['Event']['id'];?>'">
<td class="short" onclick="document.location.href ='<?php echo $baseurl."/events/view/".$event['Event']['id'];?>'">
<?php echo h($event['ShadowAttribute']['category']);?>
</td>
<td class="short" onclick="document.location.href ='<?php echo h($baseurl)."/events/view/".$event['Event']['id'];?>'">
<td class="short" onclick="document.location.href ='<?php echo $baseurl."/events/view/".$event['Event']['id'];?>'">
<?php echo h($event['ShadowAttribute']['type']);?>
</td>
</tr>

2
app/View/Tags/index.ctp
View File

@ -28,7 +28,7 @@
foreach ($list as $item): ?>
<tr>
<td class="short"><?php echo h($item['Tag']['id']); ?>&nbsp;</td>
<td><a href="<?php echo h($baseurl)."/events/index/searchtag:".$item['Tag']['id']; ?>" class="tag" style="background-color: <?php echo h($item['Tag']['colour']); ?>;color:<?php echo $this->TextColour->getTextColour($item['Tag']['colour']); ?>"><?php echo h($item['Tag']['name']); ?></a></td>
<td><a href="<?php echo $baseurl."/events/index/searchtag:".$item['Tag']['id']; ?>" class="tag" style="background-color: <?php echo h($item['Tag']['colour']); ?>;color:<?php echo $this->TextColour->getTextColour($item['Tag']['colour']); ?>"><?php echo h($item['Tag']['name']); ?></a></td>
<td class="short"><?php echo h($item['Tag']['count']); ?>&nbsp;</td>
<?php if ($isAclTagger): ?>
<td class="short action-links">

2
app/View/Templates/ajax/template_choices.ctp
View File

@ -2,7 +2,7 @@
<legend><?php echo __('Choose element type'); ?></legend>
<div class="popover_choice_main" id ="popover_choice_main">
<?php foreach ($templates as $k => $template): ?>
<div class="templateChoiceButton" style="width:100%;" title="<?php echo h($template['Template']['description']); ?>" onClick="document.location.href ='<?php echo h($baseurl);?>/templates/populateEventFromTemplate/<?php echo $template['Template']['id'];?>/<?php echo $id; ?>'">
<div class="templateChoiceButton" style="width:100%;" title="<?php echo h($template['Template']['description']); ?>" onClick="document.location.href ='<?php echo $baseurl;?>/templates/populateEventFromTemplate/<?php echo $template['Template']['id'];?>/<?php echo $id; ?>'">
<div style="float:left;">
<?php
$imgRelativePath = 'orgs' . DS . h($template['Template']['org']) . '.png';

10
app/View/Templates/index.ctp
View File

@ -29,8 +29,8 @@
</tr><?php
foreach ($list as $item): ?>
<tr>
<td class="short" onclick="document.location.href ='<?php echo h($baseurl)."/templates/view/".$item['Template']['id']; ?>'"><?php echo h($item['Template']['id']); ?>&nbsp;</td>
<td class="short" onclick="document.location.href ='<?php echo h($baseurl)."/templates/view/".$item['Template']['id']; ?>'">
<td class="short" onclick="document.location.href ='<?php echo $baseurl."/templates/view/".$item['Template']['id']; ?>'"><?php echo h($item['Template']['id']); ?>&nbsp;</td>
<td class="short" onclick="document.location.href ='<?php echo $baseurl."/templates/view/".$item['Template']['id']; ?>'">
<?php
$imgRelativePath = 'orgs' . DS . h($item['Template']['org']) . '.png';
$imgAbsolutePath = APP . WEBROOT_DIR . DS . 'img' . DS . $imgRelativePath;
@ -39,9 +39,9 @@ foreach ($list as $item): ?>
?>
&nbsp;
</td>
<td class="short" onclick="document.location.href ='<?php echo h($baseurl)."/templates/view/".$item['Template']['id']; ?>'"><?php if ($item['Template']['share']) echo 'Yes'; else echo 'No'; ?>&nbsp;</td>
<td onclick="document.location.href ='<?php echo h($baseurl)."/templates/view/".$item['Template']['id']; ?>'"><?php echo h($item['Template']['name']); ?>&nbsp;</td>
<td onclick="document.location.href ='<?php echo h($baseurl)."/templates/view/".$item['Template']['id']; ?>'"><?php echo h($item['Template']['description']); ?>&nbsp;</td>
<td class="short" onclick="document.location.href ='<?php echo $baseurl."/templates/view/".$item['Template']['id']; ?>'"><?php if ($item['Template']['share']) echo 'Yes'; else echo 'No'; ?>&nbsp;</td>
<td onclick="document.location.href ='<?php echo $baseurl."/templates/view/".$item['Template']['id']; ?>'"><?php echo h($item['Template']['name']); ?>&nbsp;</td>
<td onclick="document.location.href ='<?php echo $baseurl."/templates/view/".$item['Template']['id']; ?>'"><?php echo h($item['Template']['description']); ?>&nbsp;</td>
<?php if ($isAclTagger): ?>
<td class="short action-links">
<?php echo $this->Html->link('', array('action' => 'edit', $item['Template']['id']), array('class' => 'icon-edit', 'title' => 'Edit'));?>

2
app/View/Threads/view.ctp
View File

@ -1,7 +1,7 @@
<div class="threads view">
<h3><?php
if (isset($event_id)) {
echo '<a href="' . h($baseurl) . '/events/view/' . $event_id . '">' . h($thread_title) . '</a>';
echo '<a href="' . $baseurl . '/events/view/' . $event_id . '">' . h($thread_title) . '</a>';
} else {
echo h($thread_title);
}

4
app/View/Users/admin_filter_user_index.ctp
View File

@ -82,7 +82,7 @@
</tr>
</table>
</div>
<?php echo $this->Form->create('User', array('id' => 'test', 'url' => h($baseurl) . '/admin/users/index'));?>
<?php echo $this->Form->create('User', array('id' => 'test', 'url' => $baseurl . '/admin/users/index'));?>
<fieldset>
<?php
echo $this->Form->input('generatedURL', array(
@ -122,7 +122,7 @@ var typedFields = ["role"];
var allFields = simpleFilters.concat(differentFilters);
var baseurl = "<?php echo h($baseurl); ?>";
var baseurl = "<?php echo $baseurl; ?>";
$(document).ready(function() {
indexRuleChange();

2
app/View/Users/terms.ctp
View File

@ -16,7 +16,7 @@
$terms->close();
} else {
?>
<a href="<?php echo h($baseurl);?>/users/downloadTerms" class="btn btn-inverse">Download Terms and Conditions</a>
<a href="<?php echo $baseurl;?>/users/downloadTerms" class="btn btn-inverse">Download Terms and Conditions</a>
<?php
}
}

2
app/View/Users/verify_g_p_g.ctp
View File

@ -2,7 +2,7 @@
<h3>GPG key validation</h3>
<ul>
<?php foreach ($users as $k => $user) {
echo '<a href="'.h($baseurl).'/admin/users/view/' . $k . '">' . $k . ' (' . h($user[1]) . ')</a>:';
echo '<a href="'.$baseurl.'/admin/users/view/' . $k . '">' . $k . ' (' . h($user[1]) . ')</a>:';
if (isset($user[0])) {
echo '-> <span style="color:red;"><span style="font-weight:bold">Invalid.</span> (' . h($user[2]) . ')</span><br />';
} else {