#!/usr/bin/python

import cgi, cgitb
import mysql.connector
import json
#import html

cgitb.enable()
cnx = mysql.connector.connect(
    user='root', password='s3cur1ty', host='127.0.0.1', database='vapidlabs')

cursor = cnx.cursor()

JSON_Object = {
  "DATA_VERSION": "2.4",
  "UPDATED": "DATE-TIMESTAMP",
  "SERIAL": "INT",
  "CVE_ID": "CVE-YEAR-NNNNNNN",
  "DATE_REQUESTED": "DATE-TIMESTAMP",
  "DATE_ASSIGNED": "DATE-TIMESTAMP",
  "DATE_PUBLIC": "DATE_PUBLIC",
  "REQUESTER": "larry0@me.com",
  "ASSIGNER": "kurt@seifried.org",
  "REPLACED_BY": "replaced by data",
  "STATE": "PUBLIC",
  "TITLE": "Short title",
  "DWF": {
    "PROBLEM_TYPE": {
      "CWE": "X",
      "OWASP": "X",
      "DESCRIPTION": {
        "eng": "String description of issue"
      }
    },
    "IMPACT": {
      "DATA_VERSION": "2.4",
      "eng": "Text data here",
    },
    "AFFECTS": [
      {
        "PRODUCT": "string",
        "AFFECTED": [
          "1.0"
        ]
      }
    ],
    "DESCRIPTION": {
      "eng": "String description of issue"
    },
    "REFERENCES": [
      {
        "FILES": [
          {
            "URL": "URL to reference",
            "LOCALNAME": "advisory.php?v=" 
          }
        ]
      }
    ]
}
}

# Create instance of FieldStorage 
form = cgi.FieldStorage()
print "\n"
#print "<html><pre>"

id = form.getvalue("id")
if id.isdigit():
	cursor.execute("SELECT title,cveids,download,url,vulnerability,version,cwe,cwe_string FROM v_entry WHERE vdbid = %s", (id, ))
	for (title, cveids, download,url,vulnerability,version,cwe,cwe_string) in cursor:
		mytitle = title
		mycve = cveids
		down = download
		adv = url
		vuln = vulnerability
		vuln = cgi.escape(vuln, quote=True)
		ver = version
		cwe = cwe
		cwe_string = cwe_string
		JSON_Object['DWF']['CVE_ID'] = mycve
		JSON_Object['CVE_ID'] = mycve
		JSON_Object['TITLE'] = mytitle
		JSON_Object['DWF']['DESCRIPTION']['eng'] = mytitle
		JSON_Object['DWF']['PROBLEM_TYPE']['CWE'] = cwe
		JSON_Object['DWF']['AFFECTS'][0]['PRODUCT'] = download
		JSON_Object['DWF']['AFFECTS'][0]['AFFECTED'] = ver
		JSON_Object['DWF']['REFERENCES'][0]['FILES'][0]['URL'] = url
		JSON_Object['DWF']['REFERENCES'][0]['FILES'][0]['LOCALNAME'] = 'advisory.php?v=' + id
		JSON_Object['DWF']['PROBLEM_TYPE']['DESCRIPTION'] = vuln
	print json.dumps(JSON_Object, indent=4, separators=(',', ': '))
#	print "</pre></html>"
	cursor.close()
	cnx.close()
