X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=html%2FgetFAIscript.php;h=45277a6fdcf544184923056b6fb79af62dddd2e0;hb=bf781db3d9f73f8bd555ce039f659ca7ee3adf54;hp=aec3c3bdd3a2f384c0f61028436bdb54e49d09e8;hpb=d4729740d1db57e957c1c6667edf37f5b09e99e1;p=gosa.git
diff --git a/html/getFAIscript.php b/html/getFAIscript.php
index aec3c3bdd..45277a6fd 100644
--- a/html/getFAIscript.php
+++ b/html/getFAIscript.php
@@ -62,26 +62,27 @@ restore_error_handler();
 /* Basic setup, remove eventually registered sessions */
 @require_once ("../include/php_setup.inc");
 @require_once ("functions.inc");
-error_reporting (E_ALL);
+error_reporting (E_ALL | E_STRICT);
 session_start ();
 /* Logged in? Simple security check */
 if (!isset($_SESSION['ui'])){
- gosa_log ("Error: getFAIScript.php called without session");
- header ("Location: ../index.php");
+ new log("security","fai","",array(),"Error: getFAIScript.php called without session") ;
+ header ("Location: index.php");
 exit;
 }
 $ui= $_SESSION["ui"];
 $config= $_SESSION['config'];
 /* Check ACL's */
-$acl= get_permissions ($config->current['BASE'], $ui->subtreeACL);
-$acl= get_module_permission($acl, "all", $config->current['BASE']);
-if (chkacl($acl, "all") != ""){
- header ("Location: ../index.php");
+#FIXME Use more specific acl categories instead of all/all
+$ui = get_userinfo();
+$acl = $ui->get_permissions(base64_decode($_GET['id']),"all/all");
+if(!preg_match("/r/",$acl)){
+ header ("Location: index.php");
 exit;
 }
-$dir = search_config($config->data,"environment", "KIOSKPATH");
+$dir= $config->search('environment', 'kioskpath', array('main','tabs'));
 getFAIScript(base64_decode($_GET['id']));
 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
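Review bot: In the new ACL block, `$_GET['id']` is read without an `isset` check and decoded in non-strict mode, and the same request value is decoded a second time for the `getFAIScript()` call, so the authorisation check and the fetch are linked only by repeating the expression. Decode once and fail closed: `$id = isset($_GET['id']) ? base64_decode($_GET['id'], true) : false;`, redirect when `$id === false`, then pass `$id` to both `$ui->get_permissions($id, "all/all")` and `getFAIScript($id)`. The check accepts any ACL string containing `r` for the broad `all/all` category, which the added `#FIXME` acknowledges; a comment naming the object category this endpoint actually serves would make the intended scope reviewable. What `getFAIScript()` does with the decoded DN is outside the hunk, so whether the value needs further validation before use cannot be judged from here.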