diff --git a/html/getkiosk.php b/html/getkiosk.php
index f4a41e263fcbc045d52c7408f03c51db1e926f3d..1b383e753632037e4ab817709ce8e94adef7aa04 100644 (file)
--- a/html/getkiosk.php
+++ b/html/getkiosk.php
}
$display = file_get_contents($id);
}
$display = file_get_contents($id);
+
+ $nn = preg_replace("/^.*\//","",$id);
+
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache");
header("Pragma: no-cache");
header("Cache-Control: post-check=0, pre-check=0");
header("Content-type: application/octet-stream");
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache");
header("Pragma: no-cache");
header("Cache-Control: post-check=0, pre-check=0");
header("Content-type: application/octet-stream");
+ header("Content-Disposition: attachment; filename=".$nn);
echo $display;
}
echo $display;
}
/* Basic setup, remove eventually registered sessions */
@require_once ("../include/php_setup.inc");
@require_once ("functions.inc");
/* Basic setup, remove eventually registered sessions */
@require_once ("../include/php_setup.inc");
@require_once ("functions.inc");
-error_reporting (E_ALL);
+error_reporting (E_ALL | E_STRICT);
session_start ();
/* Logged in? Simple security check */
if (!isset($_SESSION['ui'])){
session_start ();
/* Logged in? Simple security check */
if (!isset($_SESSION['ui'])){
- gosa_log ("Error: getkiosk.php called without session");
- header ("Location: ../index.php");
+ new log("security","fai","",array(),"Error: getkiosk.php called without session") ;
+ header ("Location: index.php");
exit;
}
$ui= $_SESSION["ui"];
$config= $_SESSION['config'];
/* Check ACL's */
exit;
}
$ui= $_SESSION["ui"];
$config= $_SESSION['config'];
/* Check ACL's */
-$acl= get_permissions ($config->current['BASE'], $ui->subtreeACL);
-$acl= get_module_permission($acl, "all", $config->current['BASE']);
-if (chkacl($acl, "all") != ""){
- header ("Location: ../index.php");
+#FIXME Use more specific acl categories instead of all/all
+$ui = get_userinfo();
+
+$tmp = $ui->get_module_departments("server/goKioskService");
+$found = FALSE;
+foreach($tmp as $dir){
+ if(preg_match("/r/",$ui->get_permissions($dir,"server/goKioskService"))){
+ $found = TRUE;
+ break;
+ }
+}
+if(!$found){
+ header ("Location: index.php");
exit;
}
exit;
}
-$dir = search_config($config->data,"environment", "KIOSKPATH");
+$dir= $config->search('environment', 'kioskpath', array('tabs','menu'));
getkiosk($dir."/".$_GET['id']);
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
getkiosk($dir."/".$_GET['id']);
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: