X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=html%2Fgetkiosk.php;h=ba0ea77ee2f283ad87e16a06b62ea4e96f06a0c6;hb=a53bfa2dc9c8bb54885868b8d7966a629f4a60c1;hp=d3a25ad3f891a0109b2865dc2caf16a70c44c144;hpb=aa26fd47b6cffd3a40d6cfb8e780d813395600a0;p=gosa.git
diff --git a/html/getkiosk.php b/html/getkiosk.php
index d3a25ad3f..ba0ea77ee 100644
--- a/html/getkiosk.php
+++ b/html/getkiosk.php
@@ -49,12 +49,12 @@ function getkiosk ($id)
 /* Basic setup, remove eventually registered sessions */
 @require_once ("../include/php_setup.inc");
 @require_once ("functions.inc");
-error_reporting (E_ALL);
+error_reporting (E_ALL | E_STRICT);
 session_start ();
 /* Logged in? Simple security check */
 if (!isset($_SESSION['ui'])){
- gosa_log ("Error: getkiosk.php called without session");
+ new log("security","fai","",array(),"Error: getkiosk.php called without session") ;
 header ("Location: index.php");
 exit;
 }
@@ -62,9 +62,10 @@ $ui= $_SESSION["ui"];
 $config= $_SESSION['config'];
 /* Check ACL's */
-$acl= get_permissions ($config->current['BASE'], $ui->subtreeACL);
-$acl= get_module_permission($acl, "all", $config->current['BASE']);
-if (chkacl($acl, "all") != ""){
+#FIXME Use more specific acl categories instead of all/all
+$ui = get_userinfo();
+$acl = $ui->get_permissions(base64_decode($_GET['id']),"all/all");
+if(!preg_match("/r/",$acl)){
 header ("Location: index.php");
 exit;
 }
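Review bot: The no-session branch now calls `new log("security","fai","",array(),...)` before any session state has been loaded, and the log class is not visible in this diff. If its constructor reads the session's config or user object, the event would be lost or would raise an error on exactly the unauthenticated path it is meant to record. It is worth confirming that log works without `$_SESSION['config']`, and a comment such as `/* log must not depend on session state here */` would keep that assumption visible. The same hunk raises the level to `E_ALL | E_STRICT`, so any notice from that constructor becomes reportable; whether display_errors is off for this endpoint is not shown.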
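Review bot: The new ACL check reads `$_GET['id']` without testing that it is present and decodes it with the lenient form of base64_decode(). A missing id therefore raises a notice under the new `E_ALL | E_STRICT` level, and a malformed one is decoded leniently and passed to get_permissions() as the object DN. I would decode once in strict mode and refuse the request on failure, e.g. `$dn = isset($_GET['id']) ? base64_decode($_GET['id'], true) : false;` followed by `if ($dn === false || !preg_match("/r/", $ui->get_permissions($dn, "all/all"))){`. The code that later serves the profile is outside this hunk; it should use the same decoded value that was authorised here, so the check and the use cannot diverge.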