NathanGibbs3 / BASE / 624

pending completion

Build # 624

Build Type

push

travis-ci-com

Committed by

NathanGibbs3

Commit Message

Merge branch 'devel'

Run Details

562 of 562 new or added lines in 28 files covered. (100.0%)

3145 of 17504 relevant lines covered (17.97%)

23.22 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/setup/setup_db.inc.php

<?php
/*******************************************************************************
** Basic Analysis and Security Engine (BASE)
** Copyright (C) 2004 BASE Project Team
** Copyright (C) 2000 Carnegie Mellon University
**
** (see the file 'base_main.php' for license details)
**
** Project Leads: Kevin Johnson <kjohnson@secureideas.net>
**                Sean Muller <samwise_diver@users.sourceforge.net>
** Built upon work by Roman Danyliw <rdd@cert.org>, <roman@danyliw.com>
**
** Purpose: Setup step 4, create the database stuff
********************************************************************************
** Authors:
********************************************************************************
** Kevin Johnson <kjohnson@secureideas.net>
**
********************************************************************************
*/
// Ensure the conf file has been loaded. Prevent direct access to this file.
defined('_BASE_INC') or die('Accessing this file directly is not allowed.');

function CreateBASEAG($db) {
     global $debug_mode;
     
     $tblBaseAG_present = $db->baseTableExists("acid_ag");
     $tblBaseAGAlert_present = $db->baseTableExists("acid_ag_alert");
     $tblBaseIPCache_present = $db->baseTableExists("acid_ip_cache");
     $tblBaseEvent_present = $db->baseTableExists("acid_event");
     $tblBaseRoles_present = $db->baseTableExists("base_roles");
     $tblBaseUsers_present = $db->baseTableExists("base_users");

     if ( $debug_mode > 0 ) {
       echo "\$submit = $submit <BR>
              database: $db->DB_name <BR>
              table acid_ag present? $tblBaseAG_present <BR>  
              table acid_ag_alert present? $tblBaseAGAlert_present <BR>
              table acid_ip_cache present? $tblBaseIPCache_present <BR>
              table acid_event present? $tblBaseEvent_present <BR>
              table base_roles present? $tblBaseRoles_present <BR>
              table base_users present? $tblBaseUsers_present <BR>";
     }

     if ( !$tblBaseAG_present ) {
        if ( $db->DB_type == "mysql" ) {
           $sql = 'CREATE TABLE acid_ag ( ag_id               INT           UNSIGNED NOT NULL AUTO_INCREMENT,
                                          ag_name             VARCHAR(40),
                                          ag_desc             TEXT,
                                          ag_ctime            DATETIME,
                                          ag_ltime            DATETIME,
                                          PRIMARY KEY         (ag_id),
                                          INDEX               (ag_id))';
        } else if ($db->DB_type == "postgres") {
           $sql = 'CREATE TABLE acid_ag ( ag_id               SERIAL NOT NULL,
                                          ag_name             TEXT,
                                          ag_desc             TEXT,
                                          ag_ctime            TIMESTAMP,
                                          ag_ltime            TIMESTAMP,
                                          PRIMARY KEY         (ag_id))';
        } else if ($db->DB_type == "mssql") {
           /* Microsoft recommends specifying NULL if NULL is permitted */
           /* Otherwise it will unpredictably change the nullability. */
           $sql = 'CREATE TABLE acid_ag ( ag_id              NUMERIC(10,0) IDENTITY(1,1) NOT NULL,
                                          ag_name            VARCHAR(40) NULL,
                                          ag_desc            TEXT NULL,
                                          ag_ctime           DATETIME NULL,
                                          ag_ltime           DATETIME NULL,
                                          PRIMARY KEY        (ag_id))';
        } else if ($db->DB_type == "oci8") {
           $sql = 'CREATE TABLE acid_ag ( ag_id               INT NOT NULL,
                                          ag_name             VARCHAR2(40),
                                          ag_desc             BLOB,
                                          ag_ctime            DATE,
                                          ag_ltime            DATE,
                                          PRIMARY KEY         (ag_id))';
           $db->baseExecute($sql, -1, -1, false);
           if ( $db->baseErrorMessage() != "" )
              ErrorMessage("Unable to CREATE table 'acid_ag': ".$db->baseErrorMessage());
           else
              ErrorMessage("Successfully created 'acid_ag'");

           $sql = 'CREATE SEQUENCE snort.seq_acid_ag_id START WITH 1 INCREMENT BY 1';
           $db->baseExecute($sql, -1, -1, false);
           if ( $db->baseErrorMessage() != "" )
              ErrorMessage("Unable to CREATE sequence 'snort.seq_acid_ag_id': ".$db->baseErrorMessage());
           else
              ErrorMessage("Successfully created sequence 'snort.seq_acid_ag_id'");

           $sql = 'CREATE or replace TRIGGER tr_acid_ag_id
                   BEFORE INSERT ON acid_ag
                   FOR EACH ROW
                   BEGIN
                   SELECT snort.seq_acid_ag_id.nextval INTO :new.ag_id FROM dual;
                   END;/';
           $db->baseExecute($sql, -1, -1, false);
           if ( $db->baseErrorMessage() != "" )
              ErrorMessage("Unable to CREATE trigger 'tr_acid_ag_id': ".$db->baseErrorMessage());
           else
              ErrorMessage("Successfully created trigger 'tr_acid_ag_id'");
        }

        /* Run query to create table 'acid_ag' */
        if( $db->DB_type != "oci8" ) {
           $db->baseExecute($sql, -1, -1, false);
           if ( $db->baseErrorMessage() != "" )
              ErrorMessage("Unable to CREATE table 'acid_ag': ".$db->baseErrorMessage());
           else
              ErrorMessage("Successfully created 'acid_ag'");
        }
        $tblBaseAG_present = $db->baseTableExists("acid_ag");
     }

     if ( !$tblBaseAGAlert_present ) {
        if ( $db->DB_type == "mysql" ) {
           $sql = 'CREATE TABLE acid_ag_alert( ag_id               INT           UNSIGNED NOT NULL,
                                               ag_sid              INT           UNSIGNED NOT NULL,
                                               ag_cid              INT           UNSIGNED NOT NULL,
                                               PRIMARY KEY         (ag_id, ag_sid, ag_cid),
                                               INDEX               (ag_id),
                                               INDEX               (ag_sid, ag_cid))';
        } else if ($db->DB_type == "postgres") {
           $sql = 'CREATE TABLE acid_ag_alert ( ag_id               INT8 NOT NULL,
                                                ag_sid              INT4 NOT NULL,
                                                ag_cid              INT8 NOT NULL,
                                                PRIMARY KEY         (ag_id, ag_sid, ag_cid) );
                   CREATE INDEX acid_ag_alert_aid_idx ON acid_ag_alert (ag_id);
                   CREATE INDEX acid_ag_alert_id_idx ON acid_ag_alert (ag_sid, ag_cid);';
        } else if ($db->DB_type == "mssql") {
           /* Microsoft recommends specifying NULL if NULL is permitted */
           /* Otherwise it will unpredictably change the nullability. */
           $sql = 'CREATE TABLE acid_ag_alert ( ag_id        NUMERIC(10,0) NOT NULL,
                                                ag_sid       NUMERIC(10,0) NOT NULL,
                                                ag_cid       NUMERIC(10,0) NOT NULL,
                                                PRIMARY KEY  (ag_id, ag_sid, ag_cid) )';
        } else if( $db->DB_type == "oci8" ) {
           $sql = 'CREATE TABLE acid_ag_alert ( ag_id  INT NOT NULL,
                                                ag_sid INT NOT NULL,
                                                ag_cid INT NOT NULL,
                                                PRIMARY KEY (ag_id, ag_sid, ag_cid) )';
        }

        $db->baseExecute($sql, -1, -1, false);
        if ( $db->baseErrorMessage() != "" )
           ErrorMessage("Unable to CREATE table 'acid_ag_alert': ".$db->baseErrorMessage());
        else
           ErrorMessage("Successfully created 'acid_ag_alert'");
        $tblBaseAGAlert_present = $db->baseTableExists("acid_ag_alert");
     }

     if ( !$tblBaseIPCache_present ) {
        if ( $db->DB_type == "mysql" ) {
           $sql = 'CREATE TABLE acid_ip_cache( ipc_ip                  INT UNSIGNED NOT NULL,
                                               ipc_fqdn                VARCHAR(50),
                                               ipc_dns_timestamp       DATETIME,
                                               ipc_whois               TEXT,
                                               ipc_whois_timestamp     DATETIME,
                                               PRIMARY KEY         (ipc_ip),
                                               INDEX               (ipc_ip))';
        } else if ($db->DB_type == "postgres") {
           $sql = 'CREATE TABLE acid_ip_cache( ipc_ip                  INT8 NOT NULL,
                                               ipc_fqdn                TEXT,
                                               ipc_dns_timestamp       TIMESTAMP,
                                               ipc_whois               TEXT,
                                               ipc_whois_timestamp     TIMESTAMP,
                                               PRIMARY KEY         (ipc_ip) );';
        } else if ($db->DB_type == "mssql") {
           /* Microsoft recommends specifying NULL if NULL is permitted */
           /* Otherwise it will unpredictably change the nullability. */
           $sql = 'CREATE TABLE acid_ip_cache ( ipc_ip   NUMERIC(10,0) NOT NULL,
                                                ipc_fqdn  VARCHAR(50) NULL,
                                                ipc_dns_timestamp  DATETIME NULL,
                                                ipc_whois      TEXT NULL,
                                                ipc_whois_timestamp  DATETIME NULL,
                                                PRIMARY KEY     (ipc_ip) )';
        } else if ($db->DB_type == "oci8") {
           $sql = 'CREATE TABLE acid_ip_cache( ipc_ip              INT NOT NULL,
                                               ipc_fqdn            VARCHAR2(50),
                                               ipc_dns_timestamp   DATE,
                                               ipc_whois           BLOB,
                                               ipc_whois_timestamp DATE,
                                               PRIMARY KEY         (ipc_ip) )';
        }

        $db->baseExecute($sql, -1, -1, false);
        if ( $db->baseErrorMessage() != "" )
           ErrorMessage("Unable to CREATE table 'acid_ip_cache': ".$db->baseErrorMessage());
        else
           ErrorMessage("Successfully created 'acid_ip_cache'");
        $tblBaseIPCache_present = $db->baseTableExists("acid_ip_cache");
     }

     if ( !$tblBaseEvent_present ) {
           if ( $db->DB_type == "mysql" ) {  
              if ( $db->baseGetDBversion() < 100 )
                 $sig_ddl = "signature      VARCHAR(255) NOT NULL,";
              else
                 $sig_ddl = "signature      INT UNSIGNED NOT NULL,";
              $sql = 'CREATE TABLE acid_event ( sid                 INT UNSIGNED NOT NULL,
                                                cid                 INT UNSIGNED NOT NULL,'.
                                                $sig_ddl.'     
                                                sig_name            VARCHAR(255),
                                                sig_class_id        INT UNSIGNED,
                                                sig_priority        INT UNSIGNED,
                                                timestamp           DATETIME NOT NULL,
                                                ip_src              INT UNSIGNED,
                                                ip_dst              INT UNSIGNED,
                                                ip_proto            INT,
                                                layer4_sport        INT UNSIGNED,
                                                layer4_dport        INT UNSIGNED,
                                                PRIMARY KEY         (sid,cid),
                                                INDEX               (signature),
                                                INDEX               (sig_name),
                                                INDEX               (sig_class_id),
                                                INDEX               (sig_priority),
                                                INDEX               (timestamp),
                                                INDEX               (ip_src),
                                                INDEX               (ip_dst),
                                                INDEX               (ip_proto),
                                                INDEX               (layer4_sport),
                                                INDEX               (layer4_dport) )';
           
           } else if ($db->DB_type == "postgres") {
              if ( $db->baseGetDBversion() < 100 )
                 $sig_ddl = "signature      TEXT NOT NULL,";
              else
                 $sig_ddl = "signature      INT8 NOT NULL,";

              $sql = 'CREATE TABLE acid_event ( sid                 INT8 NOT NULL,
                                                cid                 INT8 NOT NULL,'.
                                                $sig_ddl.'
                                                sig_name            TEXT,
                                                sig_class_id        INT8,
                                                sig_priority        INT8,
                                                timestamp              TIMESTAMP NOT NULL,
                                                ip_src              INT8,
                                                ip_dst              INT8,
                                                ip_proto            INT4,
                                                layer4_sport        INT4,
                                                layer4_dport        INT4,
                                                PRIMARY KEY         (sid,cid) );
                      CREATE INDEX acid_event_signature ON acid_event (signature);
                      CREATE INDEX acid_event_sig_name ON acid_event (sig_name);
                      CREATE INDEX acid_event_sig_class_id ON acid_event (sig_class_id);
                      CREATE INDEX acid_event_sig_priority ON acid_event (sig_priority);
                      CREATE INDEX acid_event_timestamp ON acid_event (timestamp);
                      CREATE INDEX acid_event_ip_src ON acid_event (ip_src);
                      CREATE INDEX acid_event_ip_dst ON acid_event (ip_dst); 
                      CREATE INDEX acid_event_ip_proto ON acid_event (ip_proto);
                      CREATE INDEX acid_event_layer4_sport ON acid_event (layer4_sport);
                      CREATE INDEX acid_event_layer4_dport ON acid_event (layer4_dport);';
           } else if ($db->DB_type == "mssql") {
           /* Microsoft recommends specifying NULL if NULL is permitted */
           /* Otherwise it will unpredictably change the nullability. */
              if ( $db->baseGetDBversion() < 100 )
                 $sig_ddl = "signature      TEXT NOT NULL,";
              else
                 $sig_ddl = "signature      NUMERIC(10,0) NOT NULL,";
              $sql = 'CREATE TABLE acid_event ( sid                 NUMERIC(10,0) NOT NULL,
                                                cid                 NUMERIC(10,0) NOT NULL,'.
                                                $sig_ddl.'
                                                sig_name            VARCHAR(255) NULL,
                                                sig_class_id        NUMERIC(10,0) NULL,
                                                sig_priority        NUMERIC(10,0) NULL,
                                                timestamp           DATETIME NOT NULL,
                                                ip_src              NUMERIC(10,0) NULL,
                                                ip_dst              NUMERIC(10,0) NULL,
                                                ip_proto            NUMERIC(10,0) NULL,
                                                layer4_sport        NUMERIC(10,0) NULL,
                                                layer4_dport        NUMERIC(10,0) NULL,
                                                PRIMARY KEY         (sid,cid))';
           } else if ($db->DB_type == "oci8") {
              $sql = 'CREATE TABLE acid_event ( sid                 INT NOT NULL,
                                                cid                 INT NOT NULL,
                                                signature           INT NOT NULL,
                                                sig_name            VARCHAR2(255),
                                                sig_class_id        INT,
                                                sig_priority        INT,
                                                timestamp           DATE NOT NULL,
                                                ip_src              INT,
                                                ip_dst              INT,
                                                ip_proto            INT,
                                                layer4_sport        INT,
                                                layer4_dport        INT,
                                                PRIMARY KEY         (sid,cid))';
           }

           $db->baseExecute($sql, -1, -1, false);
           if ( $db->baseErrorMessage() != "" )
              ErrorMessage("Unable to CREATE table 'acid_event': ".$db->baseErrorMessage());
           else
              ErrorMessage("Successfully created 'acid_event'");
           $tblBaseEvent_present = $db->baseTableExists("acid_event");
     }

     if ($db->DB_type == "mssql") {
           /* Sheesh! If you create the indexes at the same time you create the */
           /*   tables, you get Attention and a disconnect (no error message). */
           /*   If you create the indexes here, it works. Go figure. */
           $sql = 'CREATE INDEX acid_ag_ag_id_idx ON acid_ag (ag_id)
                   CREATE INDEX acid_ag_alert_aid_idx ON acid_ag_alert (ag_id)
                   CREATE INDEX acid_ag_alert_id_idx ON acid_ag_alert (ag_sid, ag_cid)        
                   CREATE INDEX acid_event_sig_class_id ON acid_event (sig_class_id)
                   CREATE INDEX acid_event_sig_priority ON acid_event (sig_priority)
                   CREATE INDEX acid_event_timestamp ON acid_event (timestamp)
                   CREATE INDEX acid_event_ip_src ON acid_event (ip_src)
                   CREATE INDEX acid_event_ip_dst ON acid_event (ip_dst)
                   CREATE INDEX acid_event_ip_proto ON acid_event (ip_proto)
                   CREATE INDEX acid_event_layer4_sport ON acid_event (layer4_sport)
                   CREATE INDEX acid_event_layer4_dport ON acid_event (layer4_dport)';
           $db->baseExecute($sql, -1, -1, false);
           if ($db->baseErrorMessage() != "")
              ErrorMessage("Unable to CREATE MSSQL BASE table indexes : ".$db->baseErrorMessage());
           else
              ErrorMessage("Successfully created MSSQL BASE table indexes");
     }
      
     /* Added for base_roles and base_users -- Kevin */
     if ( !$tblBaseRoles_present ) {
           if ( $db->DB_type == "mysql" ) {
              $sql = 'CREATE TABLE base_roles ( role_id           int(11)         NOT NULL,
                                                role_name         varchar(20)     NOT NULL,
                                                role_desc         varchar(75)     NOT NULL,
                                                PRIMARY KEY         (role_id));';
           } else if ($db->DB_type == "postgres") {
              $sql = 'CREATE TABLE base_roles ( role_id             INT8 NOT NULL,
                                                role_name           TEXT,
                                                role_desc           TEXT,
                                                PRIMARY KEY         (role_id) );';
           } else if ($db->DB_type == "mssql") {
           /* Microsoft recommends specifying NULL if NULL is permitted */
           /* Otherwise it will unpredictably change the nullability. */
              $sql = 'CREATE TABLE base_roles ( role_id   NUMERIC(10,0) NOT NULL,
                                                role_name  VARCHAR(20) NULL,
                                                role_desc  VARCHAR(75) NULL,
                                                PRIMARY KEY     (role_id) );';
           } else if ($db->DB_type == "oci8") {
              $sql = 'CREATE TABLE base_roles ( role_id           int          NOT NULL,
                                                role_name         varchar2(20) NOT NULL,
                                                role_desc         varchar2(75) NOT NULL,
                                                PRIMARY KEY       (role_id))';
           }

           $db->baseExecute($sql, -1, -1, false);
           if ( $db->baseErrorMessage() != "" )
              ErrorMessage("Unable to CREATE table 'base_roles': ".$db->baseErrorMessage());
           else
              ErrorMessage("Successfully created 'base_roles'");
         
           /* INSERT into base_roles - PostgreSQL cannot do multiple row */
           // Administrator
           $sql = "INSERT INTO base_roles (role_id, role_name, role_desc) VALUES (1, 'Admin', 'Administrator');";
           $db->baseExecute($sql, -1, -1, false);
           if ( $db->baseErrorMessage() != "" )
              ErrorMessage("Unable to INSERT roles: ".$db->baseErrorMessage());
           else
              ErrorMessage("Successfully INSERTED Admin role");

           // Authenticated User
           $sql = "INSERT INTO base_roles (role_id, role_name, role_desc) VALUES (10, 'user', 'Authenticated User');";
           $db->baseExecute($sql, -1, -1, false);
           if ( $db->baseErrorMessage() != "" )
              ErrorMessage("Unable to INSERT roles: ".$db->baseErrorMessage());
           else
              ErrorMessage("Successfully INSERTED Authenticated User role");

           // Anonymous User
           $sql = "INSERT INTO base_roles (role_id, role_name, role_desc) VALUES (10000, 'anonymous', 'Anonymous User');";
           $db->baseExecute($sql, -1, -1, false);
           if ( $db->baseErrorMessage() != "" )
              ErrorMessage("Unable to INSERT roles: ".$db->baseErrorMessage());
           else
              ErrorMessage("Successfully INSERTED Anonymous User role");

           // Alert Group Editor
           $sql = "INSERT INTO base_roles (role_id, role_name, role_desc) VALUES (50, 'ag_editor', 'Alert Group Editor');";
           $db->baseExecute($sql, -1, -1, false);
           if ( $db->baseErrorMessage() != "" )
              ErrorMessage("Unable to INSERT roles: ".$db->baseErrorMessage());
           else
              ErrorMessage("Successfully INSERTED Alert Group Editor role");
           $tblBaseRoles_present = $db->baseTableExists("base_roles");
     }

     if ( !$tblBaseUsers_present ) {
           if ( $db->DB_type == "mysql" ) {
              $sql = 'CREATE TABLE base_users ( usr_id            int(11)          NOT NULL,
                                                usr_login         varchar(25)      NOT NULL,
                                                usr_pwd           varchar(32)      NOT NULL,
                                                usr_name          varchar(75)      NOT NULL,
                                                role_id           int(11)          NOT NULL,
                                                usr_enabled       int(11)          NOT NULL,
                                                PRIMARY KEY         (usr_id),
                                                INDEX               (usr_login));';
           } else if ($db->DB_type == "postgres") {
              $sql = 'CREATE TABLE base_users ( usr_id            INT8         NOT NULL,
                                                usr_login         TEXT         NOT NULL,
                                                usr_pwd           TEXT         NOT NULL,
                                                usr_name          TEXT         NOT NULL,
                                                role_id           INT8         NOT NULL,
                                                usr_enabled       INT8         NOT NULL,
                                                PRIMARY KEY       (usr_id));
                                                CREATE INDEX base_users_usr_login ON base_users (usr_login);';
           } else if ($db->DB_type == "mssql") {
              // I did not create the usr_login index yet -- Kevin
              $sql = 'CREATE TABLE base_users ( usr_id NUMERIC(10,0) NOT NULL,
                                                usr_login         VARCHAR(25)     NOT NULL,
                                                usr_pwd           VARCHAR(32)     NOT NULL,
                                                usr_name          VARCHAR(75)     NOT NULL,
                                                role_id           NUMERIC(10,0)   NOT NULL,
                                                usr_enabled       NUMERIC(10,0)   NOT NULL,
                                                PRIMARY KEY       (usr_id));';
           } else if ($db->DB_type == "oci8") {
              $sql = 'CREATE TABLE base_users ( usr_id            int             NOT NULL,
                                                usr_login         varchar2(25)    NOT NULL,
                                                usr_pwd           varchar2(32)    NOT NULL,
                                                usr_name          varchar2(75)    NOT NULL,
                                                role_id           number          NOT NULL,
                                                usr_enabled       number          NOT NULL,
                                                PRIMARY KEY       (usr_id))';
           }

           $db->baseExecute($sql, -1, -1, false);
           if ( $db->baseErrorMessage() != "" )
              ErrorMessage("Unable to CREATE table 'base_users': ".$db->baseErrorMessage());
           else
              ErrorMessage("Successfully created 'base_users'");
           $tblBaseUsers_present = $db->baseTableExists("base_users");
     }

     if ( $tblBaseAG_present && $tblBaseAGAlert_present && $tblBaseIPCache_present 
          && $tblBaseEvent_present && $tblBaseRoles_present && $tblBaseUsers_present )
        return 1;
     else
        return 0;
}

?>

1	<?php
2	/*******************************************************************************
3	** Basic Analysis and Security Engine (BASE)
4	** Copyright (C) 2004 BASE Project Team
5	** Copyright (C) 2000 Carnegie Mellon University
6	**
7	** (see the file 'base_main.php' for license details)
8	**
9	** Project Leads: Kevin Johnson <kjohnson@secureideas.net>
10	** Sean Muller <samwise_diver@users.sourceforge.net>
11	** Built upon work by Roman Danyliw <rdd@cert.org>, <roman@danyliw.com>
12	**
13	** Purpose: Setup step 4, create the database stuff
14	********************************************************************************
15	** Authors:
16	********************************************************************************
17	** Kevin Johnson <kjohnson@secureideas.net>
18	**
19	********************************************************************************
20	*/
21	// Ensure the conf file has been loaded. Prevent direct access to this file.
22	defined('_BASE_INC') or die('Accessing this file directly is not allowed.');	×
23
24	function CreateBASEAG($db) {
25	global $debug_mode;
26
27	$tblBaseAG_present = $db->baseTableExists("acid_ag");	×
28	$tblBaseAGAlert_present = $db->baseTableExists("acid_ag_alert");	×
29	$tblBaseIPCache_present = $db->baseTableExists("acid_ip_cache");	×
30	$tblBaseEvent_present = $db->baseTableExists("acid_event");	×
31	$tblBaseRoles_present = $db->baseTableExists("base_roles");	×
32	$tblBaseUsers_present = $db->baseTableExists("base_users");	×
33
34	if ( $debug_mode > 0 ) {	×
35	echo "\$submit = $submit <BR>	×
36	database: $db->DB_name <BR>	×
37	table acid_ag present? $tblBaseAG_present <BR>
38	table acid_ag_alert present? $tblBaseAGAlert_present <BR>
39	table acid_ip_cache present? $tblBaseIPCache_present <BR>
40	table acid_event present? $tblBaseEvent_present <BR>
41	table base_roles present? $tblBaseRoles_present <BR>
42	table base_users present? $tblBaseUsers_present <BR>";
43	}
44
45	if ( !$tblBaseAG_present ) {	×
46	if ( $db->DB_type == "mysql" ) {	×
47	$sql = 'CREATE TABLE acid_ag ( ag_id INT UNSIGNED NOT NULL AUTO_INCREMENT,	×
48	ag_name VARCHAR(40),
49	ag_desc TEXT,
50	ag_ctime DATETIME,
51	ag_ltime DATETIME,
52	PRIMARY KEY (ag_id),
53	INDEX (ag_id))';
54	} else if ($db->DB_type == "postgres") {	×
55	$sql = 'CREATE TABLE acid_ag ( ag_id SERIAL NOT NULL,	×
56	ag_name TEXT,
57	ag_desc TEXT,
58	ag_ctime TIMESTAMP,
59	ag_ltime TIMESTAMP,
60	PRIMARY KEY (ag_id))';
61	} else if ($db->DB_type == "mssql") {	×
62	/* Microsoft recommends specifying NULL if NULL is permitted */
63	/* Otherwise it will unpredictably change the nullability. */
64	$sql = 'CREATE TABLE acid_ag ( ag_id NUMERIC(10,0) IDENTITY(1,1) NOT NULL,	×
65	ag_name VARCHAR(40) NULL,
66	ag_desc TEXT NULL,
67	ag_ctime DATETIME NULL,
68	ag_ltime DATETIME NULL,
69	PRIMARY KEY (ag_id))';
70	} else if ($db->DB_type == "oci8") {	×
71	$sql = 'CREATE TABLE acid_ag ( ag_id INT NOT NULL,	×
72	ag_name VARCHAR2(40),
73	ag_desc BLOB,
74	ag_ctime DATE,
75	ag_ltime DATE,
76	PRIMARY KEY (ag_id))';
77	$db->baseExecute($sql, -1, -1, false);	×
78	if ( $db->baseErrorMessage() != "" )	×
79	ErrorMessage("Unable to CREATE table 'acid_ag': ".$db->baseErrorMessage());	×
80	else	×
81	ErrorMessage("Successfully created 'acid_ag'");	×
82
83	$sql = 'CREATE SEQUENCE snort.seq_acid_ag_id START WITH 1 INCREMENT BY 1';	×
84	$db->baseExecute($sql, -1, -1, false);	×
85	if ( $db->baseErrorMessage() != "" )	×
86	ErrorMessage("Unable to CREATE sequence 'snort.seq_acid_ag_id': ".$db->baseErrorMessage());	×
87	else	×
88	ErrorMessage("Successfully created sequence 'snort.seq_acid_ag_id'");	×
89
90	$sql = 'CREATE or replace TRIGGER tr_acid_ag_id	×
91	BEFORE INSERT ON acid_ag
92	FOR EACH ROW
93	BEGIN
94	SELECT snort.seq_acid_ag_id.nextval INTO :new.ag_id FROM dual;
95	END;/';
96	$db->baseExecute($sql, -1, -1, false);	×
97	if ( $db->baseErrorMessage() != "" )	×
98	ErrorMessage("Unable to CREATE trigger 'tr_acid_ag_id': ".$db->baseErrorMessage());	×
99	else	×
100	ErrorMessage("Successfully created trigger 'tr_acid_ag_id'");	×
101	}
102
103	/* Run query to create table 'acid_ag' */
104	if( $db->DB_type != "oci8" ) {	×
105	$db->baseExecute($sql, -1, -1, false);	×
106	if ( $db->baseErrorMessage() != "" )	×
107	ErrorMessage("Unable to CREATE table 'acid_ag': ".$db->baseErrorMessage());	×
108	else	×
109	ErrorMessage("Successfully created 'acid_ag'");	×
110	}
111	$tblBaseAG_present = $db->baseTableExists("acid_ag");	×
112	}
113
114	if ( !$tblBaseAGAlert_present ) {	×
115	if ( $db->DB_type == "mysql" ) {	×
116	$sql = 'CREATE TABLE acid_ag_alert( ag_id INT UNSIGNED NOT NULL,	×
117	ag_sid INT UNSIGNED NOT NULL,
118	ag_cid INT UNSIGNED NOT NULL,
119	PRIMARY KEY (ag_id, ag_sid, ag_cid),
120	INDEX (ag_id),
121	INDEX (ag_sid, ag_cid))';
122	} else if ($db->DB_type == "postgres") {	×
123	$sql = 'CREATE TABLE acid_ag_alert ( ag_id INT8 NOT NULL,	×
124	ag_sid INT4 NOT NULL,
125	ag_cid INT8 NOT NULL,
126	PRIMARY KEY (ag_id, ag_sid, ag_cid) );
127	CREATE INDEX acid_ag_alert_aid_idx ON acid_ag_alert (ag_id);
128	CREATE INDEX acid_ag_alert_id_idx ON acid_ag_alert (ag_sid, ag_cid);';
129	} else if ($db->DB_type == "mssql") {	×
130	/* Microsoft recommends specifying NULL if NULL is permitted */
131	/* Otherwise it will unpredictably change the nullability. */
132	$sql = 'CREATE TABLE acid_ag_alert ( ag_id NUMERIC(10,0) NOT NULL,	×
133	ag_sid NUMERIC(10,0) NOT NULL,
134	ag_cid NUMERIC(10,0) NOT NULL,
135	PRIMARY KEY (ag_id, ag_sid, ag_cid) )';
136	} else if( $db->DB_type == "oci8" ) {	×
137	$sql = 'CREATE TABLE acid_ag_alert ( ag_id INT NOT NULL,	×
138	ag_sid INT NOT NULL,
139	ag_cid INT NOT NULL,
140	PRIMARY KEY (ag_id, ag_sid, ag_cid) )';
141	}
142
143	$db->baseExecute($sql, -1, -1, false);	×
144	if ( $db->baseErrorMessage() != "" )	×
145	ErrorMessage("Unable to CREATE table 'acid_ag_alert': ".$db->baseErrorMessage());	×
146	else	×
147	ErrorMessage("Successfully created 'acid_ag_alert'");	×
148	$tblBaseAGAlert_present = $db->baseTableExists("acid_ag_alert");	×
149	}
150
151	if ( !$tblBaseIPCache_present ) {	×
152	if ( $db->DB_type == "mysql" ) {	×
153	$sql = 'CREATE TABLE acid_ip_cache( ipc_ip INT UNSIGNED NOT NULL,	×
154	ipc_fqdn VARCHAR(50),
155	ipc_dns_timestamp DATETIME,
156	ipc_whois TEXT,
157	ipc_whois_timestamp DATETIME,
158	PRIMARY KEY (ipc_ip),
159	INDEX (ipc_ip))';
160	} else if ($db->DB_type == "postgres") {	×
161	$sql = 'CREATE TABLE acid_ip_cache( ipc_ip INT8 NOT NULL,	×
162	ipc_fqdn TEXT,
163	ipc_dns_timestamp TIMESTAMP,
164	ipc_whois TEXT,
165	ipc_whois_timestamp TIMESTAMP,
166	PRIMARY KEY (ipc_ip) );';
167	} else if ($db->DB_type == "mssql") {	×
168	/* Microsoft recommends specifying NULL if NULL is permitted */
169	/* Otherwise it will unpredictably change the nullability. */
170	$sql = 'CREATE TABLE acid_ip_cache ( ipc_ip NUMERIC(10,0) NOT NULL,	×
171	ipc_fqdn VARCHAR(50) NULL,
172	ipc_dns_timestamp DATETIME NULL,
173	ipc_whois TEXT NULL,
174	ipc_whois_timestamp DATETIME NULL,
175	PRIMARY KEY (ipc_ip) )';
176	} else if ($db->DB_type == "oci8") {	×
177	$sql = 'CREATE TABLE acid_ip_cache( ipc_ip INT NOT NULL,	×
178	ipc_fqdn VARCHAR2(50),
179	ipc_dns_timestamp DATE,
180	ipc_whois BLOB,
181	ipc_whois_timestamp DATE,
182	PRIMARY KEY (ipc_ip) )';
183	}
184
185	$db->baseExecute($sql, -1, -1, false);	×
186	if ( $db->baseErrorMessage() != "" )	×
187	ErrorMessage("Unable to CREATE table 'acid_ip_cache': ".$db->baseErrorMessage());	×
188	else	×
189	ErrorMessage("Successfully created 'acid_ip_cache'");	×
190	$tblBaseIPCache_present = $db->baseTableExists("acid_ip_cache");	×
191	}
192
193	if ( !$tblBaseEvent_present ) {	×
194	if ( $db->DB_type == "mysql" ) {	×
195	if ( $db->baseGetDBversion() < 100 )	×
196	$sig_ddl = "signature VARCHAR(255) NOT NULL,";	×
197	else	×
198	$sig_ddl = "signature INT UNSIGNED NOT NULL,";	×
199	$sql = 'CREATE TABLE acid_event ( sid INT UNSIGNED NOT NULL,	×
200	cid INT UNSIGNED NOT NULL,'.
201	$sig_ddl.'
202	sig_name VARCHAR(255),
203	sig_class_id INT UNSIGNED,
204	sig_priority INT UNSIGNED,
205	timestamp DATETIME NOT NULL,
206	ip_src INT UNSIGNED,
207	ip_dst INT UNSIGNED,
208	ip_proto INT,
209	layer4_sport INT UNSIGNED,
210	layer4_dport INT UNSIGNED,
211	PRIMARY KEY (sid,cid),
212	INDEX (signature),
213	INDEX (sig_name),
214	INDEX (sig_class_id),
215	INDEX (sig_priority),
216	INDEX (timestamp),
217	INDEX (ip_src),
218	INDEX (ip_dst),
219	INDEX (ip_proto),
220	INDEX (layer4_sport),
221	INDEX (layer4_dport) )';
222
223	} else if ($db->DB_type == "postgres") {	×
224	if ( $db->baseGetDBversion() < 100 )	×
225	$sig_ddl = "signature TEXT NOT NULL,";	×
226	else	×
227	$sig_ddl = "signature INT8 NOT NULL,";	×
228
229	$sql = 'CREATE TABLE acid_event ( sid INT8 NOT NULL,	×
230	cid INT8 NOT NULL,'.
231	$sig_ddl.'
232	sig_name TEXT,
233	sig_class_id INT8,
234	sig_priority INT8,
235	timestamp TIMESTAMP NOT NULL,
236	ip_src INT8,
237	ip_dst INT8,
238	ip_proto INT4,
239	layer4_sport INT4,
240	layer4_dport INT4,
241	PRIMARY KEY (sid,cid) );
242	CREATE INDEX acid_event_signature ON acid_event (signature);
243	CREATE INDEX acid_event_sig_name ON acid_event (sig_name);
244	CREATE INDEX acid_event_sig_class_id ON acid_event (sig_class_id);
245	CREATE INDEX acid_event_sig_priority ON acid_event (sig_priority);
246	CREATE INDEX acid_event_timestamp ON acid_event (timestamp);
247	CREATE INDEX acid_event_ip_src ON acid_event (ip_src);
248	CREATE INDEX acid_event_ip_dst ON acid_event (ip_dst);
249	CREATE INDEX acid_event_ip_proto ON acid_event (ip_proto);
250	CREATE INDEX acid_event_layer4_sport ON acid_event (layer4_sport);
251	CREATE INDEX acid_event_layer4_dport ON acid_event (layer4_dport);';
252	} else if ($db->DB_type == "mssql") {	×
253	/* Microsoft recommends specifying NULL if NULL is permitted */
254	/* Otherwise it will unpredictably change the nullability. */
255	if ( $db->baseGetDBversion() < 100 )	×
256	$sig_ddl = "signature TEXT NOT NULL,";	×
257	else	×
258	$sig_ddl = "signature NUMERIC(10,0) NOT NULL,";	×
259	$sql = 'CREATE TABLE acid_event ( sid NUMERIC(10,0) NOT NULL,	×
260	cid NUMERIC(10,0) NOT NULL,'.
261	$sig_ddl.'
262	sig_name VARCHAR(255) NULL,
263	sig_class_id NUMERIC(10,0) NULL,
264	sig_priority NUMERIC(10,0) NULL,
265	timestamp DATETIME NOT NULL,
266	ip_src NUMERIC(10,0) NULL,
267	ip_dst NUMERIC(10,0) NULL,
268	ip_proto NUMERIC(10,0) NULL,
269	layer4_sport NUMERIC(10,0) NULL,
270	layer4_dport NUMERIC(10,0) NULL,
271	PRIMARY KEY (sid,cid))';
272	} else if ($db->DB_type == "oci8") {	×
273	$sql = 'CREATE TABLE acid_event ( sid INT NOT NULL,	×
274	cid INT NOT NULL,
275	signature INT NOT NULL,
276	sig_name VARCHAR2(255),
277	sig_class_id INT,
278	sig_priority INT,
279	timestamp DATE NOT NULL,
280	ip_src INT,
281	ip_dst INT,
282	ip_proto INT,
283	layer4_sport INT,
284	layer4_dport INT,
285	PRIMARY KEY (sid,cid))';
286	}
287
288	$db->baseExecute($sql, -1, -1, false);	×
289	if ( $db->baseErrorMessage() != "" )	×
290	ErrorMessage("Unable to CREATE table 'acid_event': ".$db->baseErrorMessage());	×
291	else	×
292	ErrorMessage("Successfully created 'acid_event'");	×
293	$tblBaseEvent_present = $db->baseTableExists("acid_event");	×
294	}
295
296	if ($db->DB_type == "mssql") {	×
297	/* Sheesh! If you create the indexes at the same time you create the */
298	/* tables, you get Attention and a disconnect (no error message). */
299	/* If you create the indexes here, it works. Go figure. */
300	$sql = 'CREATE INDEX acid_ag_ag_id_idx ON acid_ag (ag_id)	×
301	CREATE INDEX acid_ag_alert_aid_idx ON acid_ag_alert (ag_id)
302	CREATE INDEX acid_ag_alert_id_idx ON acid_ag_alert (ag_sid, ag_cid)
303	CREATE INDEX acid_event_sig_class_id ON acid_event (sig_class_id)
304	CREATE INDEX acid_event_sig_priority ON acid_event (sig_priority)
305	CREATE INDEX acid_event_timestamp ON acid_event (timestamp)
306	CREATE INDEX acid_event_ip_src ON acid_event (ip_src)
307	CREATE INDEX acid_event_ip_dst ON acid_event (ip_dst)
308	CREATE INDEX acid_event_ip_proto ON acid_event (ip_proto)
309	CREATE INDEX acid_event_layer4_sport ON acid_event (layer4_sport)
310	CREATE INDEX acid_event_layer4_dport ON acid_event (layer4_dport)';
311	$db->baseExecute($sql, -1, -1, false);	×
312	if ($db->baseErrorMessage() != "")	×
313	ErrorMessage("Unable to CREATE MSSQL BASE table indexes : ".$db->baseErrorMessage());	×
314	else	×
315	ErrorMessage("Successfully created MSSQL BASE table indexes");	×
316	}
317
318	/* Added for base_roles and base_users -- Kevin */
319	if ( !$tblBaseRoles_present ) {	×
320	if ( $db->DB_type == "mysql" ) {	×
321	$sql = 'CREATE TABLE base_roles ( role_id int(11) NOT NULL,	×
322	role_name varchar(20) NOT NULL,
323	role_desc varchar(75) NOT NULL,
324	PRIMARY KEY (role_id));';
325	} else if ($db->DB_type == "postgres") {	×
326	$sql = 'CREATE TABLE base_roles ( role_id INT8 NOT NULL,	×
327	role_name TEXT,
328	role_desc TEXT,
329	PRIMARY KEY (role_id) );';
330	} else if ($db->DB_type == "mssql") {	×
331	/* Microsoft recommends specifying NULL if NULL is permitted */
332	/* Otherwise it will unpredictably change the nullability. */
333	$sql = 'CREATE TABLE base_roles ( role_id NUMERIC(10,0) NOT NULL,	×
334	role_name VARCHAR(20) NULL,
335	role_desc VARCHAR(75) NULL,
336	PRIMARY KEY (role_id) );';
337	} else if ($db->DB_type == "oci8") {	×
338	$sql = 'CREATE TABLE base_roles ( role_id int NOT NULL,	×
339	role_name varchar2(20) NOT NULL,
340	role_desc varchar2(75) NOT NULL,
341	PRIMARY KEY (role_id))';
342	}
343
344	$db->baseExecute($sql, -1, -1, false);	×
345	if ( $db->baseErrorMessage() != "" )	×
346	ErrorMessage("Unable to CREATE table 'base_roles': ".$db->baseErrorMessage());	×
347	else	×
348	ErrorMessage("Successfully created 'base_roles'");	×
349
350	/* INSERT into base_roles - PostgreSQL cannot do multiple row */
351	// Administrator
352	$sql = "INSERT INTO base_roles (role_id, role_name, role_desc) VALUES (1, 'Admin', 'Administrator');";	×
353	$db->baseExecute($sql, -1, -1, false);	×
354	if ( $db->baseErrorMessage() != "" )	×
355	ErrorMessage("Unable to INSERT roles: ".$db->baseErrorMessage());	×
356	else	×
357	ErrorMessage("Successfully INSERTED Admin role");	×
358
359	// Authenticated User
360	$sql = "INSERT INTO base_roles (role_id, role_name, role_desc) VALUES (10, 'user', 'Authenticated User');";	×
361	$db->baseExecute($sql, -1, -1, false);	×
362	if ( $db->baseErrorMessage() != "" )	×
363	ErrorMessage("Unable to INSERT roles: ".$db->baseErrorMessage());	×
364	else	×
365	ErrorMessage("Successfully INSERTED Authenticated User role");	×
366
367	// Anonymous User
368	$sql = "INSERT INTO base_roles (role_id, role_name, role_desc) VALUES (10000, 'anonymous', 'Anonymous User');";	×
369	$db->baseExecute($sql, -1, -1, false);	×
370	if ( $db->baseErrorMessage() != "" )	×
371	ErrorMessage("Unable to INSERT roles: ".$db->baseErrorMessage());	×
372	else	×
373	ErrorMessage("Successfully INSERTED Anonymous User role");	×
374
375	// Alert Group Editor
376	$sql = "INSERT INTO base_roles (role_id, role_name, role_desc) VALUES (50, 'ag_editor', 'Alert Group Editor');";	×
377	$db->baseExecute($sql, -1, -1, false);	×
378	if ( $db->baseErrorMessage() != "" )	×
379	ErrorMessage("Unable to INSERT roles: ".$db->baseErrorMessage());	×
380	else	×
381	ErrorMessage("Successfully INSERTED Alert Group Editor role");	×
382	$tblBaseRoles_present = $db->baseTableExists("base_roles");	×
383	}
384
385	if ( !$tblBaseUsers_present ) {	×
386	if ( $db->DB_type == "mysql" ) {	×
387	$sql = 'CREATE TABLE base_users ( usr_id int(11) NOT NULL,	×
388	usr_login varchar(25) NOT NULL,
389	usr_pwd varchar(32) NOT NULL,
390	usr_name varchar(75) NOT NULL,
391	role_id int(11) NOT NULL,
392	usr_enabled int(11) NOT NULL,
393	PRIMARY KEY (usr_id),
394	INDEX (usr_login));';
395	} else if ($db->DB_type == "postgres") {	×
396	$sql = 'CREATE TABLE base_users ( usr_id INT8 NOT NULL,	×
397	usr_login TEXT NOT NULL,
398	usr_pwd TEXT NOT NULL,
399	usr_name TEXT NOT NULL,
400	role_id INT8 NOT NULL,
401	usr_enabled INT8 NOT NULL,
402	PRIMARY KEY (usr_id));
403	CREATE INDEX base_users_usr_login ON base_users (usr_login);';
404	} else if ($db->DB_type == "mssql") {	×
405	// I did not create the usr_login index yet -- Kevin
406	$sql = 'CREATE TABLE base_users ( usr_id NUMERIC(10,0) NOT NULL,	×
407	usr_login VARCHAR(25) NOT NULL,
408	usr_pwd VARCHAR(32) NOT NULL,
409	usr_name VARCHAR(75) NOT NULL,
410	role_id NUMERIC(10,0) NOT NULL,
411	usr_enabled NUMERIC(10,0) NOT NULL,
412	PRIMARY KEY (usr_id));';
413	} else if ($db->DB_type == "oci8") {	×
414	$sql = 'CREATE TABLE base_users ( usr_id int NOT NULL,	×
415	usr_login varchar2(25) NOT NULL,
416	usr_pwd varchar2(32) NOT NULL,
417	usr_name varchar2(75) NOT NULL,
418	role_id number NOT NULL,
419	usr_enabled number NOT NULL,
420	PRIMARY KEY (usr_id))';
421	}
422
423	$db->baseExecute($sql, -1, -1, false);	×
424	if ( $db->baseErrorMessage() != "" )	×
425	ErrorMessage("Unable to CREATE table 'base_users': ".$db->baseErrorMessage());	×
426	else	×
427	ErrorMessage("Successfully created 'base_users'");	×
428	$tblBaseUsers_present = $db->baseTableExists("base_users");	×
429	}
430
431	if ( $tblBaseAG_present && $tblBaseAGAlert_present && $tblBaseIPCache_present	×
432	&& $tblBaseEvent_present && $tblBaseRoles_present && $tblBaseUsers_present )
433	return 1;	×
434	else	×
435	return 0;	×
436	}
437
438	?>

NathanGibbs3 / BASE / 624

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous