Nemcio/CyberPanel
1
0
Fork 0
mirror of https://github.com/usmannasir/cyberpanel.git synced 2025-11-09 14:56:10 +01:00
Code Issues Packages Projects Releases Wiki Activity

bug fix: aiscanner schedule

Browse Source
This commit is contained in:
usmannasir
2025-07-07 14:08:40 +05:00
parent 80d63b7e92
commit 3e1ad26af1
3 changed files with 33 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
CyberCP/secMiddleware.py
View File

@@ -167,14 +167,14 @@ class secMiddleware:
if os.path.exists(ProcessUtilities.debugPath): if os.path.exists(ProcessUtilities.debugPath):
logging.writeToFile(f'Item type detected as list') logging.writeToFile(f'Item type detected as list')
for items in value: for items in value:
if items.find('- -') > -1 or items.find('\n') > -1 or items.find(';') > -1 or items.find( if isinstance(items, str) and (items.find('- -') > -1 or items.find('\n') > -1 or items.find(';') > -1 or items.find(
'&&') > -1 or items.find('|') > -1 or items.find('...') > -1 \ '&&') > -1 or items.find('|') > -1 or items.find('...') > -1 \
or items.find("`") > -1 or items.find("$") > -1 or items.find( or items.find("`") > -1 or items.find("$") > -1 or items.find(
"(") > -1 or items.find(")") > -1 \ "(") > -1 or items.find(")") > -1 \
or items.find("'") > -1 or items.find("[") > -1 or items.find( or items.find("'") > -1 or items.find("[") > -1 or items.find(
"]") > -1 or items.find("{") > -1 or items.find("}") > -1 \ "]") > -1 or items.find("{") > -1 or items.find("}") > -1 \
or items.find(":") > -1 or items.find("<") > -1 or items.find( or items.find(":") > -1 or items.find("<") > -1 or items.find(
">") > -1 or items.find("&") > -1: ">") > -1 or items.find("&") > -1):
logging.writeToFile(request.body) logging.writeToFile(request.body)
final_dic = { final_dic = {
'error_message': "Data supplied is not accepted, following characters are not allowed in the input ` $ & ( ) [ ] { } ; : < >.", 'error_message': "Data supplied is not accepted, following characters are not allowed in the input ` $ & ( ) [ ] { } ; : < >.",
@@ -202,7 +202,7 @@ class secMiddleware:
if isAPIEndpoint: if isAPIEndpoint:
# For API endpoints, still check for the most dangerous command injection characters # For API endpoints, still check for the most dangerous command injection characters
if (value.find('- -') > -1 or value.find('\n') > -1 or value.find(';') > -1 or if isinstance(value, (str, bytes)) and (value.find('- -') > -1 or value.find('\n') > -1 or value.find(';') > -1 or
value.find('&&') > -1 or value.find('||') > -1 or value.find('|') > -1 or value.find('&&') > -1 or value.find('||') > -1 or value.find('|') > -1 or
value.find('...') > -1 or value.find("`") > -1 or value.find("$") > -1 or value.find('...') > -1 or value.find("`") > -1 or value.find("$") > -1 or
value.find('../') > -1 or value.find('../../') > -1): value.find('../') > -1 or value.find('../../') > -1):

2
aiScanner/aiScannerManager.py
View File

@@ -81,7 +81,7 @@ class AIScannerManager:
# Get user's websites for scan selection using ACL-aware method # Get user's websites for scan selection using ACL-aware method
try: try:
websites = ACLManager.findWebsiteObjects(currentACL, userID) websites = ACLManager.findWebsiteObjects(currentACL, userID)
self.logger.writeToFile(f'[AIScannerManager.scannerHome] Found {websites.count()} websites for {admin.userName}') self.logger.writeToFile(f'[AIScannerManager.scannerHome] Found {len(websites)} websites for {admin.userName}')
except Exception as e: except Exception as e:
self.logger.writeToFile(f'[AIScannerManager.scannerHome] Error fetching websites: {str(e)}') self.logger.writeToFile(f'[AIScannerManager.scannerHome] Error fetching websites: {str(e)}')
websites = [] websites = []

31
aiScanner/templates/aiScanner/scanner.html
View File

@@ -1563,6 +1563,19 @@ setInterval(() => {
// Scheduled Scans Functions // Scheduled Scans Functions
function showScheduleModal() { function showScheduleModal() {
// Reset form for new schedule
document.getElementById('scheduleForm').reset();
document.getElementById('scheduleId').value = '';
// Uncheck all domain checkboxes
document.querySelectorAll('input[name="domains"]').forEach(cb => cb.checked = false);
// Reset checkboxes to their defaults
document.getElementById('emailNotifications').checked = true;
document.getElementById('notifyOnThreats').checked = true;
document.getElementById('notifyOnCompletion').checked = false;
document.getElementById('notifyOnFailure').checked = true;
$('#scheduleModal').modal('show'); $('#scheduleModal').modal('show');
} }
@@ -1631,8 +1644,16 @@ function displayScheduledScans(scans) {
} }
function saveScheduledScan() { function saveScheduledScan() {
const formData = new FormData(document.getElementById('scheduleForm')); const form = document.getElementById('scheduleForm');
const data = Object.fromEntries(formData); const formData = new FormData(form);
const data = {};
// Process form data, excluding checkboxes and multi-select fields
for (let [key, value] of formData.entries()) {
if (!['email_notifications', 'notify_on_threats', 'notify_on_completion', 'notify_on_failure', 'domains'].includes(key)) {
data[key] = value;
}
}
// Get selected domains // Get selected domains
const selectedDomains = Array.from(document.querySelectorAll('input[name="domains"]:checked')) const selectedDomains = Array.from(document.querySelectorAll('input[name="domains"]:checked'))
@@ -1652,6 +1673,12 @@ function saveScheduledScan() {
data.notification_emails = notificationEmails; data.notification_emails = notificationEmails;
// Convert checkbox values to booleans explicitly
data.email_notifications = document.getElementById('emailNotifications').checked;
data.notify_on_threats = document.getElementById('notifyOnThreats').checked;
data.notify_on_completion = document.getElementById('notifyOnCompletion').checked;
data.notify_on_failure = document.getElementById('notifyOnFailure').checked;
fetch('/aiscanner/scheduled-scans/', { fetch('/aiscanner/scheduled-scans/', {
method: 'POST', method: 'POST',
headers: { headers: {