X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=html%2Fgetkiosk.php;h=1b383e753632037e4ab817709ce8e94adef7aa04;hb=3a4267cf68ad2bab22b38af3536251e6d2e90ec2;hp=ce141cae3260694fb3aa498656bcc56c2bc5b35a;hpb=48221e8bc034b46a4600bbb72747e42402178e64;p=gosa.git diff --git a/html/getkiosk.php b/html/getkiosk.php index ce141cae3..1b383e753 100644 --- a/html/getkiosk.php +++ b/html/getkiosk.php @@ -22,7 +22,7 @@ function getkiosk ($id) { if(!file_exists($id)){ - echo sprintf(_("Can't open file '%s', possibly the file does not exists."),$id); + echo sprintf(_("Can't open file '%s', possibly the file does not exist."),$id); exit(); } @@ -32,12 +32,16 @@ function getkiosk ($id) } $display = file_get_contents($id); + + $nn = preg_replace("/^.*\//","",$id); + header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT"); header("Cache-Control: no-cache"); header("Pragma: no-cache"); header("Cache-Control: post-check=0, pre-check=0"); header("Content-type: application/octet-stream"); + header("Content-Disposition: attachment; filename=".$nn); echo $display; } 
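Review bot: The `Content-Disposition` header added in the second hunk emits `$nn` unquoted and unfiltered, and `$nn` is only the last path segment of `$id`, which the call at the end of the file builds from `$_GET['id']`. A name containing spaces, semicolons or quotes changes how the client parses the header, so I would restrict the characters and quote the value: `header('Content-Disposition: attachment; filename="'.preg_replace('/[^A-Za-z0-9._-]/', '_', basename($id)).'"');`. The same request-derived `$id` is printed unescaped in the error message touched by the first hunk, presumably as text/html since no Content-type header has been sent at that point; `htmlspecialchars($id, ENT_QUOTES)` in that `sprintf` would cover it. getkiosk() begins above the first hunk and the lines between the two hunks are not shown, so a check that is not visible here may already exist.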
@@ -45,26 +49,35 @@ function getkiosk ($id) /* Basic setup, remove eventually registered sessions */ @require_once ("../include/php_setup.inc"); @require_once ("functions.inc"); -error_reporting (E_ALL); +error_reporting (E_ALL | E_STRICT); session_start (); /* Logged in? Simple security check */ if (!isset($_SESSION['ui'])){ - gosa_log ("Error: getkiosk.php called without session"); - header ("Location: ../index.php"); + new log("security","fai","",array(),"Error: getkiosk.php called without session") ; + header ("Location: index.php"); exit; } $ui= $_SESSION["ui"]; $config= $_SESSION['config']; /* Check ACL's */ -$acl= get_permissions ($config->current['BASE'], $ui->subtreeACL); -$acl= get_module_permission($acl, "all", $config->current['BASE']); -if (chkacl($acl, "all") != ""){ - header ("Location: ../index.php"); +#FIXME Use more specific acl categories instead of all/all +$ui = get_userinfo(); + +$tmp = $ui->get_module_departments("server/goKioskService"); +$found = FALSE; +foreach($tmp as $dir){ + if(preg_match("/r/",$ui->get_permissions($dir,"server/goKioskService"))){ + $found = TRUE; + break; + } +} +if(!$found){ + header ("Location: index.php"); exit; } -$dir = search_config($config->data,"environment", "KIOSKPATH"); +$dir= $config->search('environment', 'kioskpath', array('tabs','menu')); getkiosk($dir."/".$_GET['id']); // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
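Review bot: The unchanged final call `getkiosk($dir."/".$_GET['id']);` still appends the raw query parameter to the kiosk path, so an `id` containing parent-directory segments resolves outside `$dir`. The rewritten ACL check only requires `r` on `server/goKioskService` in any one department, and it does not constrain which file is served. Since this commit reworks the access check anyway, I would bound the path here, e.g. `getkiosk($dir."/".basename($_GET['id']));` if kiosk profiles are flat files in that directory (confirm), or compare `realpath()` of the result against `realpath($dir)` and exit on mismatch. An `isset($_GET['id'])` guard and a check that `$config->search()` returned a non-empty path are also missing; without the latter the path would start at `/`. Separately, `$ui= $_SESSION["ui"];` is now dead code because `$ui = get_userinfo();` overwrites it a few lines later.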