<?php
include_once 'library/CacheLite/Cache/Lite.php';
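// Upstream CVE feed that is filtered and re-published by this script.
// NOTE(review): the feed is fetched over plain HTTP, so nothing authenticates its
// content; every field read from it is treated as untrusted below.
define('FEED_URL', 'http://www.cvedetails.com/json-feed.php?numrows=30&vendor_id=0&product_id=0&version_id=0&hasexp=1&opec=1&opov=1&opcsrf=1&opfileinc=1&opgpriv=1&opsqli=1&opxss=1&opdirt=1&opmemc=1&ophttprs=1&opbyp=1&opginf=1&opdos=1&orderby=2&cvssscoremin=0');

// An entry is kept when its summary mentions at least one of these keywords.
$keywords = array('drupal', 'wordpress', 'apache', 'php', 'mysql', 'mariadb');

// Parameters (both come straight from the query string).
// is_string() rejects array-valued parameters such as ?format[]=x, which would
// otherwise be concatenated into the cache id as the literal "Array".
$format = NULL;
if (array_key_exists('format', $_GET) && is_string($_GET['format'])) {
    $format = $_GET['format'];
}

$lifetimeHours = NULL;
if (array_key_exists('lifetime', $_GET) && is_string($_GET['lifetime'])) {
    $lifetimeHours = $_GET['lifetime'];
}

// Parameter validation.
// This runs BEFORE the lifetime is converted to seconds: the previous code multiplied
// first, which turned a missing lifetime into 0 so the "not set" check could never fire.
// The format is checked against an allowlist because it is part of the cache id; an
// arbitrary value would create one cache entry (and one upstream fetch) per value.
if ($lifetimeHours === NULL || ($format !== "json" && $format !== "rss")) {
    http_response_code(400);
    header('Content-Type: text/html; charset=utf-8');
    print "<img src='http://33.media.tumblr.com/tumblr_ly4zanvuKu1qjpziro1_400.gif'><br><h1><em>Uh uh uh! You didn't say the magic word!</em></h1><em> — Dennis Nedry [Jurassic Park (1993)]</em><br><br>Refer to the project README.md in Gitlab for usage details. You know where to look.";
    exit;
}

// Lifetime is expressed in hours and must lie in [0, 12]. The previous test used
// "< 0 && > 12", which is never true, so negative values (cache never hit, upstream
// fetched on every request) and arbitrarily large values were accepted.
if (!is_numeric($lifetimeHours) || $lifetimeHours < 0 || $lifetimeHours > 12) {
    $lifetime = 3600 * 3; // Default 3 hours
} else {
    $lifetime = (int) round(3600 * $lifetimeHours);
}

// Both components are validated above, so the set of possible cache ids is bounded.
$cacheId = $format . $lifetime;

if ($format === "json") {
    header('Content-Type: application/json; charset=utf-8');
} else {
    header('Content-Type: application/rss+xml; charset=utf-8');
}

$cacheOptions = array(
    'cacheDir' => realpath(dirname(__FILE__)) . '/cache/',
    'lifeTime' => $lifetime
);
$Cache_Lite = new Cache_Lite($cacheOptions);

// Try the cache first.
// NOTE(review): unserialize() is only acceptable here because the cache files are
// written by this script alone. The cache directory must not be writable by any other
// party; storing the entries as JSON would remove that dependency altogether.
$items = NULL;
$data = $Cache_Lite->get($cacheId);
if ($data) {
    $cached = unserialize($data);
    // A corrupt or truncated entry is treated as a miss instead of being printed.
    if (is_array($cached)) {
        $items = $cached;
    }
}

if ($items !== NULL) {
    header('X-CacheHit: true');
} else {
    header('X-CacheHit: false');

    $content = file_get_contents(FEED_URL);
    $json = ($content === false) ? NULL : json_decode($content, true);
    $fetched = is_array($json);

    $items = array();
    if ($fetched) {
        foreach ($json as $item) {
            // Skip entries that do not have the expected shape.
            if (!is_array($item) || !isset($item['summary']) || !is_string($item['summary'])) {
                continue;
            }
            // Find the first keyword mentioned in the summary (case-insensitive).
            foreach ($keywords as $keyword) {
                if (stripos($item['summary'], $keyword) !== false) {
                    $item['keyword'] = $keyword;
                    $items[] = $item;
                    break;
                }
            }
        }
        // Only a successfully fetched and decoded feed is cached. A failed fetch used
        // to be stored as an empty list and served for the whole cache lifetime.
        $Cache_Lite->save(serialize($items), $cacheId);
    }
}

if ($format === "json") {
    print json_encode($items, JSON_PRETTY_PRINT);
} else {
    print formatJsonAsRSS($items);
}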
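/**
 * Render a list of feed entries as an RSS 2.0 document.
 *
 * Every value that originates outside this script (the upstream feed fields and the
 * request's Host header) is escaped for the XML context it is written into, so a
 * crafted entry cannot inject markup or break the document.
 *
 * @param array $json List of entries; each entry is read for the keys 'cve_id',
 *                    'keyword', 'url', 'update_date' (Y-m-d) and 'summary'.
 *                    Missing or non-scalar values are rendered as empty strings.
 * @return string The complete RSS document.
 */
function formatJsonAsRSS($json) {
    // Escapes a value for use as XML element text.
    $escapeText = function ($value) {
        return htmlspecialchars($value, ENT_QUOTES | ENT_XML1 | ENT_SUBSTITUTE, 'UTF-8');
    };
    // Makes a value safe inside a CDATA section: a literal "]]>" would end the
    // section early, so it is split across two adjacent sections.
    $escapeCdata = function ($value) {
        return str_replace(']]>', ']]]]><![CDATA[>', $value);
    };
    // Reads a scalar field from an entry, defaulting to an empty string.
    $field = function ($item, $key) {
        return (is_array($item) && isset($item[$key]) && is_scalar($item[$key])) ? (string) $item[$key] : '';
    };

    if (!is_array($json)) {
        $json = array();
    }

    $feedName = "Security Feed";
    // The Host header is supplied by the client, so it is escaped like any other
    // untrusted value. NOTE(review): a configured canonical host name would be a
    // better source for the channel link than the request header.
    $host = isset($_SERVER['HTTP_HOST']) ? (string) $_SERVER['HTTP_HOST'] : '';
    $feedUrlNoPram = "http://" . $host;
    $lastBuildDate = date('r');
    $feedDescription = "Security feed watching CVE reports of a list of keywords.";

    $rssHeader = '<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:media="http://search.yahoo.com/mrss/" xmlns:slash="http://purl.org/rss/1.0/modules/slash/" xmlns:sy="http://purl.org/rss/1.0/modules/syndication/" xmlns:wfw="http://wellformedweb.org/CommentAPI/" version="2.0">
<channel>
<title>' . $escapeText($feedName) . '</title>
<link>' . $escapeText($feedUrlNoPram) . '</link>
<description>' . $escapeText($feedDescription) . '</description>
<lastBuildDate>' . $lastBuildDate . '</lastBuildDate>
<language>en-US</language>
<sy:updatePeriod>hourly</sy:updatePeriod>
<sy:updateFrequency>1</sy:updateFrequency>';
    $rssFooter = ' </channel>
</rss>';

    $rssItems = '';
    foreach ($json as $item) {
        $cveId = $escapeText($field($item, 'cve_id'));
        $keyword = $field($item, 'keyword');
        $url = $escapeText($field($item, 'url'));

        // createFromFormat() returns false for an unparseable date; calling format()
        // on that would abort the whole feed, so the element is left out instead.
        $updated = DateTime::createFromFormat('Y-m-d', $field($item, 'update_date'));
        $pubDate = ($updated === false) ? '' : '<pubDate>' . $updated->format('r') . '</pubDate>' . "\n";

        $rssItems .= ' <item>
<title>' . $cveId . ' [' . $escapeText($keyword) . ']</title>
<link>' . $url . '</link>
' . $pubDate . '<dc:creator><![CDATA[Alexandre Vallières-Lagacé]]></dc:creator>
<category><![CDATA[' . $escapeCdata($keyword) . ']]></category>
<guid isPermaLink="false">' . $url . '</guid>
<description><![CDATA[' . $escapeCdata($field($item, 'summary')) . ']]></description>
<slash:comments>0</slash:comments>
</item>' . "\n";
    }

    return $rssHeader . $rssItems . $rssFooter;
}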