Commit be9057e2 authored by boombuler's avatar boombuler

Fixed SQL Injections

parent 3b748327
......@@ -4,13 +4,13 @@
if(!empty($_SERVER['REMOTE_ADDR'])) {
die("This script can only be run by the server directly.");
}
//set include paths
if (empty($_SERVER["REQUEST_URI"])) {
$path = dirname(__FILE__)."/";
set_include_path(get_include_path() . PATH_SEPARATOR . $path);
}
//get depencies
$crawler = true;
require_once('runtime.php');
......@@ -22,11 +22,11 @@
require_once(ROOT_DIR.'/lib/core/ConfigLine.class.php');
require_once(ROOT_DIR.'/lib/core/OriginatorStatus.class.php');
require_once(ROOT_DIR.'/lib/extern/pstools.inc');
//get offset and limit options (script parameters)
$router_offset = getopt("o:l:")['o'];
$router_limit = getopt("o:l:")['l'];
// get configuration values
$ping_count = 3; // ping a node X times before fetching data
$ping_timeout = 500; // set the timout for each ping to X ms
......@@ -34,9 +34,9 @@
$crawl_timeout = 18; // timeout after X seconds on fetching crawldata
$network_connection_ipv6_interface = ConfigLine::configByName("network_connection_ipv6_interface"); //use this interface to connect to ipv6 linc local hosts
$interfaces_used_for_crawling = array("br-mesh", "br-client", "floh_fix", "tata_fix"); //use the ip adresses of these interfaces for crawling
$actual_crawl_cycle = Crawling::getActualCrawlCycle()['id'];
echo "Crawling routers $router_offset-$router_limit (offset-limit) with the following options:\n";
echo " ping_count: $ping_count\n";
echo " ping_timeout: $ping_timeout\n";
......@@ -44,7 +44,7 @@
echo " network_connection_ipv6_interface: $network_connection_ipv6_interface\n";
echo " interfaces_used_for_crawling: "; foreach($interfaces_used_for_crawling as $iface) echo $iface; echo "\n";
echo " actual_crawl_cycle: ".$actual_crawl_cycle."\n";
//fetch all routers that need to be crawled by a crawler. Respect offset and limit!
$routerlist = new Routerlist(false, false, "crawler", false, false, false, false, false,
(int)$router_offset, (int)$router_limit, "router_id", "asc");
......@@ -60,7 +60,7 @@
$xml_array = array();
$ping=false;
$return = array();
if($ip->getNetwork()->getIpv()==6)
$command = "ping6 -c $ping_count -w ".($ping_count+1)*$ping_timeout." -W $ping_timeout -I $network_connection_ipv6_interface ".$ip->getIp();
elseif($ip->getNetwork()->getIpv()==4)
......@@ -68,7 +68,7 @@
echo " ".$command."\n";
PsExecute($command, $ping_hard_timeout, 1);
//fetch crawl data from router
$return = array();
if($ip->getNetwork()->getIpv()==6)
......@@ -81,7 +81,7 @@
foreach($return as $string) {
$return_string .= $string;
}
//store the crawl data into the database if the router is not offline
if(!empty($return_string)) {
echo " Craw was successfull, online\n";
......@@ -97,34 +97,40 @@
$data['router_id'] = $router->getRouterId();
$data['system_data']['status'] = "unknown";
}
/**Insert Router System Data*/
echo " Inserting RouterStatus into DB\n";
$router_status = New RouterStatus(false, (int)$actual_crawl_cycle, $router->getRouterId(),
$data['system_data']['status'], false, $data['system_data']['hostname'], (int)$data['client_count'], $data['system_data']['chipset'],
$data['system_data']['cpu'], (int)$data['system_data']['memory_total'], (int)$data['system_data']['memory_caching'], (int)$data['system_data']['memory_buffering'],
(int)$data['system_data']['memory_free'], $data['system_data']['loadavg'], $data['system_data']['processes'], $data['system_data']['uptime'],
$data['system_data']['idletime'], $data['system_data']['local_time'], $data['system_data']['distname'], $data['system_data']['distversion'], $data['system_data']['openwrt_core_revision'],
$data['system_data']['idletime'], $data['system_data']['local_time'], $data['system_data']['distname'], $data['system_data']['distversion'], $data['system_data']['openwrt_core_revision'],
$data['system_data']['openwrt_feeds_packages_revision'], $data['system_data']['firmware_version'],
$data['system_data']['firmware_revision'], $data['system_data']['kernel_version'], $data['system_data']['configurator_version'],
$data['system_data']['firmware_revision'], $data['system_data']['kernel_version'], $data['system_data']['configurator_version'],
$data['system_data']['nodewatcher_version'], $data['system_data']['fastd_version'], $data['system_data']['batman_advanced_version']);
if($router_status->store()) {
echo " Inserting Batman advanced interfaces into DB\n";
/**Insert Batman advanced Interfaces*/
foreach($data['batman_adv_interfaces'] as $bat_adv_int) {
try {
DB::getInstance()->exec("INSERT INTO crawl_batman_advanced_interfaces (router_id, crawl_cycle_id, name, status, crawl_date)
VALUES ('$data[router_id]', '$actual_crawl_cycle', '$bat_adv_int[name]', '$bat_adv_int[status]', NOW());");
$stmt = DB::getInstance()->prepare("INSERT INTO crawl_batman_advanced_interfaces (router_id, crawl_cycle_id, name, status, crawl_date)
VALUES (:router_id, :actual_crawl_cycle, :name, :status, NOW());");
$stmt->execute(array(
':router_id' => $data['router_id'],
':actual_crawl_cycle' => $actual_crawl_cycle,
':name' => $bat_adv_int['name'],
':status' => $bat_adv_int['status']
));
} catch(PDOException $e) {
echo $e->getMessage();
}
}
echo " Inserting Batman advanced originators into DB\n";
/**Insert Batman Advanced Originators*/
$originator_count=count($data['batman_adv_originators']);
RrdTool::updateRouterBatmanAdvOriginatorsCountHistory($data['router_id'], $originator_count);
$average_link_quality = 0;
if(!empty($data['batman_adv_originators'])) {
foreach($data['batman_adv_originators'] as $originator) {
......@@ -141,8 +147,8 @@
}
$average_link_quality=($average_link_quality/$originator_count);
RrdTool::updateRouterBatmanAdvOriginatorLinkQuality($data['router_id'], "average", $average_link_quality, time());
echo " Inserting all other Data into DB\n";
Crawl::insertCrawlData($data);
} else {
......@@ -156,7 +162,7 @@
}
}
}
echo "The process took ".(time()-$starttime)." seconds\n";
function simplexml2array($xml) {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment