I have a system that runs snortreport, which basically just pulls information from a database and displays it on screen.
For one of the pages (https://myserver.local.lab/snortreport/sigdetail.php?signature=SHELLCODE+x86+NOOP&sigid=137&sigsid=648&FQDN=yes&beginTime=1320332359&endTime=1320418759) I am getting the following error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ') AND (event.timestamp > FROM_UNIXTIME(1320332359) AND event.timestamp < FROM_UN' at line 1
I am not a PHP programmer, but I can usually hack my way around things. I assumed the error was in sigdetail.php since that is the page being loaded.
I was able to find 2 lines of code that looked like they could be the problem:
$DBTimeConstraint = "(event.timestamp > " . $db->timestamp($beginTime)
. " AND event.timestamp < " . $db->timestamp($endTime) . ")";
$query = "SELECT event.cid, event.sid, iphdr.ip_src, iphdr.ip_dst, " . $db->timeSinceEpoch("event
") . " AS timestamp FROM event, iphdr WHERE event.cid = iphdr.cid AND event.sid = iphdr.sid AND event.signature = '".$sigid."' AND $DBTimeConstraint" or die("Error in query");
Since I don't know PHP well enough, I was hoping that someone could help me with this. The error says on line 1; I cannot find anything wrong with line 1 in any file, they all have the basic <?php for line 1.
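
Added example, not part of the original post and not Snort Report's own code: the query quoted above rebuilt so that the request values sigid, beginTime and endTime are validated as integers and passed as bound parameters instead of being concatenated into the SQL text. It assumes PDO with MySQL, that `$db->timeSinceEpoch()` renders `UNIX_TIMESTAMP()`, and the hypothetical helper names `require_uint` and `sigdetail_query`.

```php
<?php
// Added example, not Snort Report code. Table/column names and FROM_UNIXTIME()
// come from the post; UNIX_TIMESTAMP() for $db->timeSinceEpoch() is an assumption.

/** Return a request value as a non-negative int, or throw if it is not one. */
function require_uint(array $req, string $name): int
{
    $value = filter_var($req[$name] ?? null, FILTER_VALIDATE_INT,
                        ['options' => ['min_range' => 0]]);
    if ($value === false) {
        throw new InvalidArgumentException("$name must be a non-negative integer");
    }
    return $value;
}

/** Build the query with placeholders; the values travel separately. */
function sigdetail_query(array $req): array
{
    $params = [
        ':sigid' => require_uint($req, 'sigid'),
        ':begin' => require_uint($req, 'beginTime'),
        ':end'   => require_uint($req, 'endTime'),
    ];
    $sql = 'SELECT event.cid, event.sid, iphdr.ip_src, iphdr.ip_dst, '
         . 'UNIX_TIMESTAMP(event.timestamp) AS timestamp '
         . 'FROM event JOIN iphdr ON event.cid = iphdr.cid AND event.sid = iphdr.sid '
         . 'WHERE event.signature = :sigid '
         . 'AND event.timestamp > FROM_UNIXTIME(:begin) '
         . 'AND event.timestamp < FROM_UNIXTIME(:end)';
    return [$sql, $params];
}

// Constructed sample input mirroring the URL in the post.
$request = ['sigid' => '137', 'beginTime' => '1320332359', 'endTime' => '1320418759'];
[$sql, $params] = sigdetail_query($request);
// MySQL's "at line 1" counts lines of this SQL text, not of the PHP file.
echo $sql, "\n", json_encode($params), "\n";

// A non-numeric value (constructed) is rejected before any SQL is built.
try {
    sigdetail_query(['sigid' => '137abc', 'beginTime' => '1', 'endTime' => '2']);
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}

// With a live connection (hypothetical $pdo) the statement would run as:
//   $stmt = $pdo->prepare($sql); $stmt->execute($params);
```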