def filter(): global filterStart if request.method == "POST": __filterBY__ = request.form['filter'] __modu__ = request.form['modules'] __summary__ = {} __modules__ = __modu__.split(',') for item in __modules__: __summary__[item] = [] db = Database("database/vfeed.db") __conn__ = db.Establish_connection() if __modules__ is not None: for item in __modules__: if (item != " " and __conn__): query = "select cveid,date_published,date_modified,summary from nvd_db where summary like '%{0}%' order by {1} desc limit {2},10".format( item, __filterBY__, filterStart) # query = "select cveid,date_published,date_modified,summary from nvd_db where summary like '% microsoft%' order by cveid limit 10" cur = __conn__.execute(query) rows = cur.fetchall() for row in rows: __summary__[item].append(row) __conn__.close() return render_template('public/home.html', __summary__=__summary__, error=0) return render_template('public/test.html', filter=__filterBY__, modules=__modules__)
def process_next(): global start start = start + 10 if request.method == "POST": __summary__ = {} __cveid__ = {} __modules__ = [] __modules__ = request.form['next'].split(',') __pages__ = False pages = 0 if __modules__ is not None: db = Database("database/vfeed.db") __conn__ = db.Establish_connection() if __conn__: # Got a database connection for item in __modules__: # check every module in module list __summary__[item] = [ ] # save this module to the summary dictionary with empty list __cveid__[item] = [] for item in __modules__: if (item != ""): total_rows_query = "select count(*) from nvd_db where summary like '%{0}%'".format( item) cur = __conn__.execute(total_rows_query) total_rows = cur.fetchone( ) # returns a tuple total_pages = total_rows[0] // 10 if total_pages - start > 10: pages = pages + int(total_pages) if start > pages: start = 0 else: __pages__ = True query = "select cveid,date_published,date_modified,summary from nvd_db where summary like '%{0}%' limit {1},10 ".format( item, start) cur = __conn__.execute(query) rows = cur.fetchall() for row in rows: __summary__[item].append( [row[0], row[1], row[2], row[3]]) __conn__.close() return render_template('public/home.html', __summary__=__summary__, error=0, pages=__pages__) else: return render_template('500.html', error="Error connecting Database", summary=0) else: return render_template("401.html", error="No modules found", summary=0) else: return render_template("401.html", error="Get Method Not Supported")
def response(): __summary__ = {} __cveid__ = {} __pages__ = False if request.method == "POST": __modules__ = request.form['data'].split(',') if __modules__ is not None: db = Database("database/vfeed.db") __conn__ = db.Establish_connection() if __conn__: # Got a database connection for item in __modules__: # check every module in module list if item is not None: # and item not in excludes: __summary__[item] = [ ] # save this module to the summary dictionary with empty list __cveid__[item] = [] for item in __modules__: if (item != ""): total_rows_query = "select count(*) from nvd_db where summary like '%{0}%'".format( item) cur = __conn__.execute(total_rows_query) total_rows = cur.fetchone() total_pages = total_rows[0] // 10 if (total_pages > 10): __pages__ = True query = "select cveid,date_published,date_modified,summary from nvd_db where summary like '%{0}%' limit 0,10".format( item) cur = __conn__.execute(query) rows = cur.fetchall() if rows: for row in rows: __summary__[item].append(row) __conn__.close() return render_template('public/home.html', __summary__=__summary__, pages=__pages__, error=0) else: flash("Error connecting database", "success") return redirect(url_for('public.home')) else: return render_template("401.html", error="No modules found", summary=0) flash("Get Method not supported", "success") # else: return redirect(url_for('public.home'))
def process_ajax(): global start start = start + 10 module = request.args.get('a') if request.method == "GET": __summary__ = {} __summary__[module] = [] db = Database("database/vfeed.db") __conn__ = db.Establish_connection() if __conn__: query = "select cveid,date_published,date_modified,summary from nvd_db where summary like '%{0}%' limit {1},10".format( module, start) cur = __conn__.execute(query) rows = cur.fetchall() __conn__.close() for row in rows: __summary__[module].append(row) return jsonify(result=__summary__)
def process(): if request.method == "POST": module = request.form['module'] check = request.form['check'] __pages__ = False if module.lower() not in exc_py.python_excludes(): __summary__ = {} __summary__[module] = [] db = Database("database/vfeed.db") __conn__ = db.Establish_connection() if __conn__: total_rows_query = "select count(*) from nvd_db where summary like '%{0}%'".format( module) cur = __conn__.execute(total_rows_query) total_rows = cur.fetchone() total_pages = total_rows[0] // 10 if (total_pages > 10): __pages__ = True query = "select cveid,date_published,date_modified,summary from nvd_db where {0} like '%{1}%' limit 0,10".format( check, module) cur = __conn__.execute(query) rows = cur.fetchall() __conn__.close() for row in rows: __summary__[module].append(row) return render_template("public/home.html", __summary__=__summary__, error=0, pages=__pages__) else: flash("Database Error", "success") return redirect(url_for('public.home')) # return render_template("500.html",summary=0,error="Database Error") else: flash("No Vulnerability found", "success") return redirect(url_for('public.home')) # return render_template("401.html",summary=0,error="No Vulnerability found") else: flash("GET method not supported") return redirect(url_for('public.home'))