tyler.durden/pandorafms
1
0
Fork 0
mirror of https://github.com/pandorafms/pandorafms.git synced 2025-07-29 08:45:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

WIP: Minor fixes

Browse Source
This commit is contained in:
Jose Gonzalez 2020-03-26 14:41:54 +01:00
parent e48ef76f35
commit 161c1eb643
3 changed files with 9 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
pandora_console/godmode/modules/private_enterprise_numbers.php
View File

@ -12,12 +12,6 @@
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details. // GNU General Public License for more details.
// Load global vars // Load global vars
// TESTING
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
// END
global $config; global $config;
check_login(); check_login();
@ -25,7 +19,7 @@ check_login();
if (! check_acl($config['id_user'], 0, 'PM')) { if (! check_acl($config['id_user'], 0, 'PM')) {
db_pandora_audit( db_pandora_audit(
'ACL Violation', 'ACL Violation',
'Trying to access Network Profile Management' 'Trying to access Wizard Setup'
); );
include 'general/noaccess.php'; include 'general/noaccess.php';
return; return;
@ -61,7 +55,7 @@ try {
$('#main_table_area').html(d); $('#main_table_area').html(d);
}, },
error: function(d) { error: function(d) {
alert('Failed trying update database! -> '+String(data)); // True, must change the message alert('Failed trying update database -> '+String(data)); // True, must change the message
} }
}); });

24
pandora_console/include/ajax/wizardSetup.ajax.php
View File

@ -35,13 +35,10 @@ require_once 'include/functions_io.php';
require_once 'include/functions.php'; require_once 'include/functions.php';
require_once $config['homedir'].'/include/class/ConfigPEN.class.php'; require_once $config['homedir'].'/include/class/ConfigPEN.class.php';
// Security. // Security.
if (! check_acl($config['id_user'], 0, 'PM') if (! check_acl($config['id_user'], 0, 'PM')) {
&& ! check_acl($config['id_user'], 0, 'EW')
&& ! check_acl($config['id_user'], 0, 'EM')
) {
db_pandora_audit( db_pandora_audit(
'ACL Violation', 'ACL Violation',
'Trying to access to Wizard Setup' 'Trying to access to Wizard Setup Ajax'
); );
include 'general/noaccess.php'; include 'general/noaccess.php';
return; return;
@ -128,20 +125,7 @@ switch ($action) {
break; break;
} }
// Make the data for return // Create the response data.
$output = html_print_div( $output = $message.$configPEN->createMainTable();
[
'id' => 'ajax_message_show',
'content' => $message,
]
);
$output .= html_print_div(
[
'id' => 'ajax_main_table',
'content' => $configPEN->createMainTable(),
]
);
// Return data. // Return data.
echo $output; echo $output;
// return $output;

10
pandora_console/include/class/ConfigPEN.class.php
View File

@ -53,16 +53,12 @@ class ConfigPEN extends HTML
// Check access. // Check access.
check_login(); check_login();
if (! check_acl($config['id_user'], 0, 'AR')) { if (! check_acl($config['id_user'], 0, 'PM')) {
db_pandora_audit( db_pandora_audit(
'ACL Violation', 'ACL Violation',
'Trying to access event viewer' 'Trying to access PEN Definition feature'
); );
/*
if (is_ajax()) {
echo json_encode(['error' => 'noaccess']);
}
*/
include 'general/noaccess.php'; include 'general/noaccess.php';
exit; exit;
} }