$t('PHPIDS'),
'value' => $t('Found'),
);
// Test PHPIDS install
if (!file_exists(realpath(dirname(__FILE__) . '/IDS/Config/Config.ini'))) {
$requirements['phpids']['value'] = $t('Not found');
$requirements['phpids']['description'] = $t('You must dowload the latest PHPIDS package and place in the phpids module folder. Warning: the PHP4 version is not supported.');
$requirements['phpids']['severity'] = REQUIREMENT_ERROR;
}
return $requirements;
}
/**
* Implementation of hook_menu().
*/
function phpids_menu() {
$items['admin/settings/logging/phpids'] = array(
'title' => 'PHPIDS',
'description' => t('Configure phpids levels'),
'page callback' => 'drupal_get_form',
'page arguments' => array('phpids_admin_settings'),
);
$items['phpidswarning'] = array(
'title' => 'PHPIDS warning',
'page callback' => 'phpids_warning',
'access callback' => TRUE,
'type' => MENU_CALLBACK
);
return $items;
}
/**
* Implementation of hook_init().
* $ignore : value depends which action will happen
* 0 = do nothing
* 1 = only log
* 2 = log & actions
*/
function phpids_init() {
if (file_exists(realpath(dirname(__FILE__) . '/IDS/Config/Config.ini'))) {
global $user, $base_root;
// default is logging
$ignore = 1;
// anonymous user
if ($user->uid == 0) {
$anon = variable_get('phpids_anonymous',2);
if ($anon == 2) $ignore = 2;
}
// authenticated user - always ignore user 1
if ($user->uid != 0) {
if ($user->uid == 1) $ignore = 0;
else {
$auth = variable_get('phpids_authenticated',2);
if ($auth == 1) $ignore = 0;
if ($auth == 3) $ignore = 2;
}
}
// start PHPIDS if ignore is not 0
if ($ignore != 0) {
$request_uri = $base_root . request_uri();
// set include path and required the needed files
$phpids_path = realpath(dirname(__FILE__));
set_include_path(get_include_path(). PATH_SEPARATOR. $phpids_path);
require_once 'IDS/Init.php';
// instanciate the needed stuff
$request = array('GET' => $_GET, 'POST' => $_POST);
$init = IDS_Init::init($phpids_path.'/IDS/Config/Config.ini');
$init->config['General']['tmp_path'] = $phpids_path . '/IDS/tmp';
$init->config['General']['filter_path'] = $phpids_path . '/IDS/default_filter.xml';
$init->config['Caching']['caching'] = 'file';
$init->config['Caching']['path'] = $phpids_path. '/IDS/tmp/default_filter.cache';
$request = new IDS_Monitor($request, $init);
$report = $request->run();
// if report is not empty, always log
// depending on variables, take other actions if impact level matches settings criteria.
if (!$report->isEmpty()) {
// default action is log
$action = 0;
// level of severity
$severity = $report->getImpact();
// get variables to see if we need to take more action than only logging
$mail_level = variable_get('phpids_maillevel',9);
$mail_sent = variable_get('phpids_mail','');
$warn_level = variable_get('phpids_warnlevel',27);
if ($severity >= $mail_level && !empty($mail_sent) && $ignore == 2) $action = 1;
if ($severity >= $warn_level && $ignore == 2) $action = 2;
// create detailed report
$message = 'Total impact: ' . $severity . '
';
$message .= 'All tags: ' . join(", ", $report->getTags()) . '
';
// iterate through the result an get every event (IDS_Event)
foreach ($report as $event) {
$message .= '