ClamAV version: '.clam_get_version(); die ($error); //On malware, we die because it's not good to handle it } } $sql = sprintf ("INSERT INTO tattachment (id_incidencia, id_usuario, filename, description, size) VALUES (%d, '%s', '%s', '%s', %d)", $id_inc, $config["id_user"], $filename, $description, $filesize); $id_attachment = db_process_sql ($sql,"insert_id"); // Copy file to directory and change name if ($id_attachment !== false) { $nombre_archivo = $config["attachment_store"] . "/pand" . $id_attachment . "_" . $_FILES['userfile']['name']; $zip = new ZipArchive; if ($zip->open($nombre_archivo.".zip", ZIPARCHIVE::CREATE) === true) { $zip->addFile($_FILES['userfile']['tmp_name'], io_safe_output($filename)); $zip->close(); } //$result = copy ($_FILES['userfile']['tmp_name'], $nombre_archivo); } else { ui_print_error_message(__('File could not be saved due to database error')); $result = false; } if ($result !== false) { unlink ($_FILES['userfile']['tmp_name']); incidents_process_touch ($id_inc); } else { db_process_sql ("DELETE FROM tattachment WHERE id_attachment = ".$id_attachment); } ui_print_result_message ($result, __('File uploaded'), __('File could not be uploaded')); } } // else Not given id // Create incident from event... read event data elseif (isset ($_GET["insert_form"])) { $titulo = ""; $descripcion = ""; $origen = ""; $prioridad = 0; $id_grupo = 0; $estado = 0; $texto = ""; $usuario = $config["id_user"]; $id_creator = $config["id_user"]; $id_grupo = 0; $id_agent = 0; if (isset ($_GET["from_event"])) { $event = get_parameter ("from_event"); $texto = io_safe_output(events_get_description ($event)); $titulo = ui_print_truncate_text(events_get_description ($event), 'description', false, true, false); $id_grupo = events_get_group ($event); $origen = "Pandora FMS Event"; unset ($event); } $prioridad = 0; } else { db_pandora_audit("HACK","Trying to get to incident details in an unusual way"); require ("general/noaccess.php"); exit; } // ******************************************************************************************************** // ******************************************************************************************************** // Show the form // ******************************************************************************************************** //This is for the pretty slide down attachment form echo ""; if (isset ($id_inc)) { //If $id_inc is set (when $_GET["id"] is set, not $_GET["insert_form"] ui_print_page_header (__('Incident details'). ' #'.$id_inc, "images/book_edit.png", false, "", false, ""); echo '
"; //If we're actually working on an incident if (isset ($id_inc)) { //****************************************************************** // Notes //****************************************************************** echo ''.__('Filename').' | |||
'.__('Description').' | |||