diff --git a/html/getFAIscript.php b/html/getFAIscript.php
index ba480b780b7c33624773eafee94aad80a4db5780..60e53d56a69f92c422b7fe4870d8636568fa345f 100644 (file)
--- a/html/getFAIscript.php
+++ b/html/getFAIscript.php
$ldap = $_SESSION['config']->get_ldap_link();
$ldap->cd($_SESSION['config']->current['BASE']);
$ldap = $_SESSION['config']->get_ldap_link();
$ldap->cd($_SESSION['config']->current['BASE']);
- $sr= $ldap->cat($id);
+ $sr= $ldap->cat($id, array("FAItemplateFile", "FAIscript", "cn", "objectClass"));
$ei= ldap_first_entry($ldap->cid, $sr);
$ei= ldap_first_entry($ldap->cid, $sr);
- $tmp = ldap_get_values_len($ldap->cid, $ei,"FAIscript");
+ if(isset($_GET['is_template'])){
+ $tmp = ldap_get_values_len($ldap->cid, $ei,"FAItemplateFile");
+ }else{
+ $tmp = ldap_get_values_len($ldap->cid, $ei,"FAIscript");
+ }
$tmp2 = $ldap->fetch();
$tmp2 = $ldap->fetch();
+
$name= $tmp2['cn'][0];
$name= $tmp2['cn'][0];
+ if(in_array("FAIhookEntry",$tmp2['objectClass'])){
+ $name.= ".FAIhook";
+ }elseif(in_array("FAIscriptEntry",$tmp2['objectClass'])){
+ $name .= ".FAIscript";
+ }elseif(isset($_GET['is_template'])){
+ if(preg_match("/\//",$name)){
+ $name = preg_replace("/^.*\//","",$name);
+ }
+ }
if(isset($tmp[0])){
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache");
header("Pragma: no-cache");
if(isset($tmp[0])){
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache");
header("Pragma: no-cache");
+ header("Content-transfer-encoding: binary\n");
header("Cache-Control: post-check=0, pre-check=0");
header("Content-type: application/octet-stream");
header("Cache-Control: post-check=0, pre-check=0");
header("Content-type: application/octet-stream");
- header("Content-Disposition: attachment; filename=".$name.".FAIscript");
+ header("Content-Disposition: attachment; filename=".$name);
echo $tmp[0];
}else{
echo sprintf("Can't query for this item '%s'",$id);
echo $tmp[0];
}else{
echo sprintf("Can't query for this item '%s'",$id);
/* Logged in? Simple security check */
if (!isset($_SESSION['ui'])){
gosa_log ("Error: getFAIScript.php called without session");
/* Logged in? Simple security check */
if (!isset($_SESSION['ui'])){
gosa_log ("Error: getFAIScript.php called without session");
- header ("Location: ../index.php");
+ header ("Location: index.php");
exit;
}
$ui= $_SESSION["ui"];
$config= $_SESSION['config'];
/* Check ACL's */
exit;
}
$ui= $_SESSION["ui"];
$config= $_SESSION['config'];
/* Check ACL's */
-$acl= get_permissions ($config->current['BASE'], $ui->subtreeACL);
-$acl= get_module_permission($acl, "all", $config->current['BASE']);
-if (chkacl($acl, "all") != ""){
- header ("Location: ../index.php");
+#FIXME Use more specific acl categories instead of all/all
+$ui = get_userinfo();
+$acl = $ui->get_permissions(base64_decode($_GET['id']),"all/all");
+if(!preg_match("/r/",$acl)){
+ header ("Location: index.php");
exit;
}
$dir = search_config($config->data,"environment", "KIOSKPATH");
exit;
}
$dir = search_config($config->data,"environment", "KIOSKPATH");