audit fixes

This commit is contained in:
SJ 2013-03-21 20:26:49 +01:00
parent 01c2427391
commit 7463721c2a
7 changed files with 16 additions and 2 deletions

View File

@ -61,6 +61,8 @@ class ControllerAuditHelper extends Controller {
$this->data['actions'][ACTION_CHANGE_USER_SETTINGS] = $this->data['text_change_user_settings']; $this->data['actions'][ACTION_CHANGE_USER_SETTINGS] = $this->data['text_change_user_settings'];
$this->data['actions'][ACTION_REMOVE_MESSAGE] = $this->data['text_remove_message2']; $this->data['actions'][ACTION_REMOVE_MESSAGE] = $this->data['text_remove_message2'];
$this->data['actions'][ACTION_UNAUTHORIZED_REMOVE_MESSAGE] = $this->data['text_unauthorized_remove_message']; $this->data['actions'][ACTION_UNAUTHORIZED_REMOVE_MESSAGE] = $this->data['text_unauthorized_remove_message'];
$this->data['actions'][ACTION_DOWNLOAD_ATTACHMENT] = $this->data['text_download_attachment2'];
$this->data['actions'][ACTION_UNAUTHORIZED_DOWNLOAD_ATTACHMENT] = $this->data['text_unauthorized_download_attachment'];

View File

@ -19,6 +19,8 @@ class ControllerMessageAttachment extends Controller {
$this->data['id'] = @$this->request->get['id']; $this->data['id'] = @$this->request->get['id'];
$messageid = 0;
if(!verify_piler_id($this->data['id'])) { if(!verify_piler_id($this->data['id'])) {
AUDIT(ACTION_UNKNOWN, '', '', $this->data['id'], 'unknown id: ' . $this->data['id']); AUDIT(ACTION_UNKNOWN, '', '', $this->data['id'], 'unknown id: ' . $this->data['id']);
die("invalid id: " . $this->data['id']); die("invalid id: " . $this->data['id']);
@ -31,7 +33,9 @@ class ControllerMessageAttachment extends Controller {
} }
AUDIT(ACTION_DOWNLOAD_ATTACHMENT, '', '', $this->data['id'], ''); $messageid = $this->model_search_message->get_id_by_piler_id($this->data['attachment']['piler_id']);
AUDIT(ACTION_DOWNLOAD_ATTACHMENT, '', '', $messageid, $this->data['id']);
header("Cache-Control: public, must-revalidate"); header("Cache-Control: public, must-revalidate");
header("Pragma: no-cache"); header("Pragma: no-cache");

View File

@ -72,6 +72,7 @@ $_['text_dn_asterisk_means_skip_sync'] = "Asterisk (*) means this user entry wil
$_['text_domain'] = "Domain"; $_['text_domain'] = "Domain";
$_['text_domains'] = "Domain(s)"; $_['text_domains'] = "Domain(s)";
$_['text_domainname'] = "Domain name"; $_['text_domainname'] = "Domain name";
$_['text_download_attachment2'] = "download attachment";
$_['text_download_message'] = "Download message (EML)"; $_['text_download_message'] = "Download message (EML)";
$_['text_download_message2'] = "download message"; $_['text_download_message2'] = "download message";
@ -311,6 +312,7 @@ $_['text_total_users'] = "total";
$_['text_uids'] = "uids"; $_['text_uids'] = "uids";
$_['text_unauthorized_domain'] = "Unauthorized domain"; $_['text_unauthorized_domain'] = "Unauthorized domain";
$_['text_unauthorized_download_attachment'] = "unauthorized attachment download";
$_['text_unauthorized_remove_message'] = "unauthorized message removal"; $_['text_unauthorized_remove_message'] = "unauthorized message removal";
$_['text_unauthorized_view_message'] = "unathorized message view"; $_['text_unauthorized_view_message'] = "unathorized message view";
$_['text_unknown'] = "unknown"; $_['text_unknown'] = "unknown";

View File

@ -72,6 +72,7 @@ $_['text_dn_asterisk_means_skip_sync'] = "A csillag (*) azt jelenti, hogy ez a f
$_['text_domain'] = "Domain"; $_['text_domain'] = "Domain";
$_['text_domains'] = "Domain(ek)"; $_['text_domains'] = "Domain(ek)";
$_['text_domainname'] = "Domainnév"; $_['text_domainname'] = "Domainnév";
$_['text_download_attachment2'] = "melléklet letöltés";
$_['text_download_message'] = "Levél letöltése (EML)"; $_['text_download_message'] = "Levél letöltése (EML)";
$_['text_download_message2'] = "levél letöltése"; $_['text_download_message2'] = "levél letöltése";
@ -313,6 +314,7 @@ $_['text_total_users'] = "
$_['text_uids'] = "Felhasználó azonosítók"; $_['text_uids'] = "Felhasználó azonosítók";
$_['text_unknown'] = "ismeretlen"; $_['text_unknown'] = "ismeretlen";
$_['text_unauthorized_domain'] = "Nem megengedett domain"; $_['text_unauthorized_domain'] = "Nem megengedett domain";
$_['text_unauthorized_download_attachment'] = "jogosulatlan melléklet letöltés";
$_['text_unauthorized_remove_message'] = "jogosulatlan üzenet törlés"; $_['text_unauthorized_remove_message'] = "jogosulatlan üzenet törlés";
$_['text_unauthorized_view_message'] = "jogosulatlan üzenet megtekintés"; $_['text_unauthorized_view_message'] = "jogosulatlan üzenet megtekintés";
$_['text_update_selected_uids'] = "Kijelölt azonosítók módosítása"; $_['text_update_selected_uids'] = "Kijelölt azonosítók módosítása";

View File

@ -72,6 +72,7 @@ $_['text_dn_asterisk_means_skip_sync'] = "A csillag (*) azt jelenti, hogy ez a f
$_['text_domain'] = "Domain"; $_['text_domain'] = "Domain";
$_['text_domains'] = "Domain(ek)"; $_['text_domains'] = "Domain(ek)";
$_['text_domainname'] = "Domainnév"; $_['text_domainname'] = "Domainnév";
$_['text_download_attachment2'] = "melléklet letöltés";
$_['text_download_message'] = "Levél letöltése (EML)"; $_['text_download_message'] = "Levél letöltése (EML)";
$_['text_download_message2'] = "levél letöltése"; $_['text_download_message2'] = "levél letöltése";
@ -313,6 +314,7 @@ $_['text_total_users'] = "összes";
$_['text_uids'] = "Felhasználó azonosítók"; $_['text_uids'] = "Felhasználó azonosítók";
$_['text_unknown'] = "ismeretlen"; $_['text_unknown'] = "ismeretlen";
$_['text_unauthorized_domain'] = "Nem megengedett domain"; $_['text_unauthorized_domain'] = "Nem megengedett domain";
$_['text_unauthorized_download_attachment'] = "jogosulatlan melléklet letöltés";
$_['text_unauthorized_remove_message'] = "jogosulatlan üzenet törlés"; $_['text_unauthorized_remove_message'] = "jogosulatlan üzenet törlés";
$_['text_unauthorized_view_message'] = "jogosulatlan üzenet megtekintés"; $_['text_unauthorized_view_message'] = "jogosulatlan üzenet megtekintés";
$_['text_update_selected_uids'] = "Kijelölt azonosítók módosítása"; $_['text_update_selected_uids'] = "Kijelölt azonosítók módosítása";

View File

@ -72,6 +72,7 @@ $_['text_dn_asterisk_means_skip_sync'] = "Asterisco (*) significa que este usuá
$_['text_domain'] = "Domínios"; $_['text_domain'] = "Domínios";
$_['text_domains'] = "Domínio(s)"; $_['text_domains'] = "Domínio(s)";
$_['text_domainname'] = "Nome do domínio"; $_['text_domainname'] = "Nome do domínio";
$_['text_download_attachment2'] = "download anexo";
$_['text_download_message'] = "Download mensagem (EML)"; $_['text_download_message'] = "Download mensagem (EML)";
$_['text_download_message2'] = "download mensagem"; $_['text_download_message2'] = "download mensagem";
@ -311,6 +312,7 @@ $_['text_total_users'] = "total";
$_['text_uids'] = "UIDs"; $_['text_uids'] = "UIDs";
$_['text_unauthorized_domain'] = "Domínio não autorizado"; $_['text_unauthorized_domain'] = "Domínio não autorizado";
$_['text_unauthorized_download_attachment'] = "unauthorized attachment download";
$_['text_unauthorized_remove_message'] = "remoção de mensagem não autorizada"; $_['text_unauthorized_remove_message'] = "remoção de mensagem não autorizada";
$_['text_unauthorized_view_message'] = "visualização de mensagem não autorizada"; $_['text_unauthorized_view_message'] = "visualização de mensagem não autorizada";
$_['text_unknown'] = "desconhecido"; $_['text_unknown'] = "desconhecido";

View File

@ -453,7 +453,7 @@ class ModelSearchMessage extends Model {
$attachment = $this->get_attachment($query->row['piler_id'], $query->row['attachment_id']); $attachment = $this->get_attachment($query->row['piler_id'], $query->row['attachment_id']);
return array('filename' => $query->row['name'], 'attachment' => $attachment); return array('filename' => $query->row['name'], 'piler_id' => $query->row['piler_id'], 'attachment' => $attachment);
} }
} }