mirror of https://github.com/MISP/MISP
Merge branch 'hotfix-2.1.1' into develop
commit
392b48772b
|
@ -48,4 +48,4 @@ License
|
|||
|
||||
This software is licensed under GNU Affero General Public License version 3
|
||||
|
||||
Copyright (c) 2012, 2013 Belgian Defence, NATO / NCIRC.
|
||||
Copyright (c) 2012, 2013 Belgian Defence, NATO / NCIRC.
|
||||
|
|
|
@ -141,6 +141,7 @@ Configure::write('CyDefSIG.dns', 'false'); // there is a nameserver available
|
|||
//Configure::write('MISP.welcome_text_top', 'Welcome to the Organisation community\'s'); // used in Events::login before the MISP logo
|
||||
//Configure::write('MISP.welcome_text_bottom', 'instance'); // used in Events::login after the MISP logo
|
||||
//Configure::write('MISP.welcome_logo', 'organisation'); // used in Events::login to the left of the MISP logo, place a .png file in app/webroot/img with the name specified here. In this case it would be organisation.png
|
||||
Configure::write('MISP.disablerestalert', 'true');
|
||||
|
||||
/**
|
||||
* The settings below can be used to set additional paths to models, views and controllers.
|
||||
|
|
|
@ -83,7 +83,7 @@ class EventsController extends AppController {
|
|||
*/
|
||||
public function index() {
|
||||
// list the events
|
||||
|
||||
|
||||
// TODO information exposure vulnerability - as we don't limit the filter depending on the CyDefSIG.showorg parameter
|
||||
// this filter will work if showorg=false and users will be able to perform the filtering and see what events were posted by what org.
|
||||
// same goes for orgc in all cases
|
||||
|
@ -562,6 +562,9 @@ class EventsController extends AppController {
|
|||
if ($saveResult) {
|
||||
if (!empty($data['Event']['published']) && 1 == $data['Event']['published']) {
|
||||
// do the necessary actions to publish the event (email, upload,...)
|
||||
if ('true' != Configure::read('MISP.disablerestalert')) {
|
||||
$this->__sendAlertEmail($this->Event->getId());
|
||||
}
|
||||
$this->__publish($this->Event->getId(), $passAlong);
|
||||
}
|
||||
return true;
|
||||
|
|
|
@ -159,4 +159,4 @@ $(document).ready(function () {
|
|||
});
|
||||
|
||||
});
|
||||
</script>
|
||||
</script>
|
||||
|
|
|
@ -198,7 +198,7 @@ if (!empty($event['Attribute'])):?>
|
|||
</td>
|
||||
<td class="showspaces <?php echo $extra; ?>"><?php $sigDisplay = $attribute['value'];
|
||||
if ('attachment' == $attribute['type'] || 'malware-sample' == $attribute['type'] ) {
|
||||
$filenameHash = explode('|', $attribute['value']);
|
||||
$filenameHash = explode('|', nl2br(h($attribute['value'])));
|
||||
if (strrpos($filenameHash[0], '\\')) {
|
||||
$filepath = substr($filenameHash[0], 0, strrpos($filenameHash[0], '\\'));
|
||||
$filename = substr($filenameHash[0], strrpos($filenameHash[0], '\\'));
|
||||
|
|
Loading…
Reference in New Issue