From 0abc658221eb396212a219c29a764a4134e86bc3 Mon Sep 17 00:00:00 2001
From: iglocska <andras.iklody@gmail.com>
Date: Wed, 29 May 2013 16:53:01 +0200
Subject: [PATCH 01/13] Named pipes and mutex

- added the 2 types under the artifacts dropped category
---
 app/Model/Attribute.php | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/app/Model/Attribute.php b/app/Model/Attribute.php
index d8a192f6b..0b36fc48b 100755
--- a/app/Model/Attribute.php
+++ b/app/Model/Attribute.php
@@ -134,7 +134,9 @@ class Attribute extends AppModel {
 			'link' => array('desc' => 'Link to an external information'),
 			'comment' => array('desc' => 'Comment or description in a human language', 'formdesc' => 'Comment or description in a human language. <br/> This will not be correlated with other attributes (NOT IMPLEMENTED YET)'),
 			'text' => array('desc' => 'Name, ID or a reference'),
-			'other' => array('desc' => 'Other attribute')
+			'other' => array('desc' => 'Other attribute'),
+			'named pipe' => array('desc' => 'Named pipe, use the format \\.\pipe\<PipeName>'),
+			'mutex' => array('desc' => 'Mutex, use the format \BaseNamedObjects\<Mutex>'),
 	);
 
 	// definitions of categories
@@ -155,7 +157,7 @@ class Attribute extends AppModel {
 					),
 			'Artifacts dropped' => array(
 					'desc' => 'Any artifact (files, registry keys etc.) dropped by the malware or other modifications to the system',
-					'types' => array('md5', 'sha1', 'filename', 'filename|md5', 'filename|sha1', 'regkey', 'regkey|value', 'pattern-in-file', 'pattern-in-memory', 'yara', 'attachment', 'malware-sample', 'comment', 'text', 'other')
+					'types' => array('md5', 'sha1', 'filename', 'filename|md5', 'filename|sha1', 'regkey', 'regkey|value', 'pattern-in-file', 'pattern-in-memory', 'yara', 'attachment', 'malware-sample', 'comment', 'text', 'other', 'named pipe', 'mutex')
 					),
 			'Payload installation' => array(
 					'desc' => 'Info on where the malware gets installed in the system',
@@ -691,6 +693,16 @@ class Attribute extends AppModel {
 					$returnValue = 'Invalid format. Expected: CVE-xxxx-xxxx.';
 				}
 				break;
+			case 'named pipe':
+				if (preg_match('#^(\\\\\\\\.\\\\pipe\\\\)#', $value) && !preg_match("#\n#", $value)) {
+					$returnValue = true;
+				}
+				break;
+			case 'mutex':
+				if (preg_match('#^(\\\\BaseNamedObjects\\\\)#', $value) && !preg_match("#\n#", $value)) {
+					$returnValue = true;
+				}
+				break;
 			case 'AS':
 			case 'snort':
 			case 'pattern-in-file':

From bd444d3ed8bf63cf15c2e430fed011d59c5703f2 Mon Sep 17 00:00:00 2001
From: iglocska <andras.iklody@gmail.com>
Date: Thu, 30 May 2013 14:01:55 +0200
Subject: [PATCH 02/13] Logos shown in memberslist

---
 app/View/Users/memberslist.ctp | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/app/View/Users/memberslist.ctp b/app/View/Users/memberslist.ctp
index 5990adb7d..058ed742f 100755
--- a/app/View/Users/memberslist.ctp
+++ b/app/View/Users/memberslist.ctp
@@ -4,13 +4,18 @@
 	<tr>
 			<th>Organisation</th>
 			<th># of members</th>
+			<th>Logo</th>
  	</tr>
 	<?php
 foreach ($orgs as $org):?>
 	<tr>
 		<td><?php echo h($org['User']['org']); ?>&nbsp;</td>
 		<td><?php echo h($org[0]['num_members']); ?>&nbsp;</td>
-
+		<?php
+			$imgRelativePath = 'orgs' . DS . h($org['User']['org']) . '.png';
+			$imgAbsolutePath = APP . WEBROOT_DIR . DS . 'img' . DS . $imgRelativePath;
+		?>
+		<td><?php if (file_exists($imgAbsolutePath)) echo $this->Html->image('orgs/' . h($org['User']['org']) . '.png', array('alt' => h($org['User']['org']),'width' => '48','hight' => '48'));?>&nbsp</td>
 	</tr>
 	<?php
 endforeach; ?>

From 0d66ef931a95735ceaa5d56f9d683de37c32f264 Mon Sep 17 00:00:00 2001
From: Christophe Vandeplas <christophe@vandeplas.com>
Date: Thu, 6 Jun 2013 16:36:28 +0200
Subject: [PATCH 03/13] UI tooltip love

---
 app/View/Attributes/add.ctp       | 61 +++++++++++++-----------
 app/View/Attributes/edit.ctp      | 78 ++++++++++++++++---------------
 app/View/Attributes/index.ctp     | 13 +++++-
 app/View/Attributes/search.ctp    | 55 ++++++++++------------
 app/View/Elements/global_menu.ctp |  2 +-
 app/View/Events/add.ctp           | 42 ++++++++---------
 app/View/Events/edit.ctp          | 49 ++++++++-----------
 app/View/Events/view.ctp          | 41 +++++++++++-----
 8 files changed, 177 insertions(+), 164 deletions(-)

diff --git a/app/View/Attributes/add.ctp b/app/View/Attributes/add.ctp
index 286f7babd..ddea58463 100755
--- a/app/View/Attributes/add.ctp
+++ b/app/View/Attributes/add.ctp
@@ -5,18 +5,15 @@
 		<?php
 		echo $this->Form->hidden('event_id');
 		echo $this->Form->input('category', array(
-				'after' => $this->Html->div('forminfo', '', array('id' => 'AttributeCategoryDiv')),
 				'empty' => '(choose one)'
 				));
 		echo $this->Form->input('type', array(
-				'after' => $this->Html->div('forminfo', '', array('id' => 'AttributeTypeDiv')),
 				'empty' => '(first choose category)'
 				));
 		if ('true' == Configure::read('CyDefSIG.sync')) {
 			echo $this->Form->input('distribution', array(
 				'label' => 'Distribution',
 				'selected' => $maxDist,
-				'after' => $this->Html->div('forminfo', '', array('id' => 'AttributeDistributionDiv'))
 			));
 		}
 		echo $this->Form->input('value', array(
@@ -30,18 +27,16 @@
 		<?php
 		echo $this->Form->input('to_ids', array(
 					'checked' => true,
-					'after' => $this->Html->div('forminfo', isset($attrDescriptions['signature']['formdesc']) ? $attrDescriptions['signature']['formdesc'] : $attrDescriptions['signature']['desc']),
+					'data-content' => isset($attrDescriptions['signature']['formdesc']) ? $attrDescriptions['signature']['formdesc'] : $attrDescriptions['signature']['desc'],
 					'label' => 'IDS Signature?',
 		));
 		echo $this->Form->input('batch_import', array(
 				'type' => 'checkbox',
-				'after' => $this->Html->div('forminfo', 'Create multiple attributes one per line'),
+				'data-content' => 'Create multiple attributes one per line',
 		));
 
 		// link an onchange event to the form elements
 		$this->Js->get('#AttributeCategory')->event('change', 'formCategoryChanged("#AttributeCategory")');
-		$this->Js->get('#AttributeType')->event('change', 'showFormInfo("#AttributeType")');
-		$this->Js->get('#AttributeDistribution')->event('change', 'showFormInfo("#AttributeDistribution")');
 		?>
 	</fieldset>
 <?php
@@ -52,17 +47,12 @@ echo $this->Form->end();
 <div class="actions">
 	<ul class="nav nav-list">
 		<li><?php echo $this->Html->link('View Event', array('controller' => 'events', 'action' => 'view', $this->request->data['Attribute']['event_id'])); ?> </li>
-		<?php if ($isSiteAdmin || $mayModify): ?>
 		<li><?php echo $this->Html->link('Edit Event', array('controller' => 'events', 'action' => 'edit', $this->request->data['Attribute']['event_id'])); ?> </li>
 		<li><?php echo $this->Form->postLink('Delete Event', array('controller' => 'events', 'action' => 'delete', $this->request->data['Attribute']['event_id']), null, __('Are you sure you want to delete # %s?', $this->request->data['Attribute']['event_id'])); ?></li>
 		<li class="divider"></li>
 		<li class="active"><?php echo $this->Html->link('Add Attribute', array('controller' => 'attributes', 'action' => 'add', $this->request->data['Attribute']['event_id']));?> </li>
 		<li><?php echo $this->Html->link('Add Attachment', array('controller' => 'attributes', 'action' => 'add_attachment', $this->request->data['Attribute']['event_id']));?> </li>
 		<li><?php echo $this->Html->link('Populate event from IOC', array('controller' => 'events', 'action' => 'addIOC', $this->request->data['Attribute']['event_id']));?> </li>
-		<?php else:	?>
-		<li><?php echo $this->Html->link('Propose Attribute', array('controller' => 'shadow_attributes', 'action' => 'add', $this->request->data['Attribute']['event_id']));?> </li>
-		<li><?php echo $this->Html->link('Propose Attachment', array('controller' => 'shadow_attributes', 'action' => 'add_attachment', $this->request->data['Attribute']['event_id']));?> </li>
-		<?php endif; ?>
 		<li class="divider"></li>
 		<li><?php echo $this->Html->link(__('Contact reporter', true), array('controller' => 'events', 'action' => 'contact', $this->request->data['Attribute']['event_id'])); ?> </li>
 		<li><?php echo $this->Html->link(__('Download as XML', true), array('controller' => 'events', 'action' => 'xml', 'download', $this->request->data['Attribute']['event_id'])); ?></li>
@@ -94,7 +84,6 @@ foreach ($categoryDefinitions as $category => $def) {
 ?>
 
 function formCategoryChanged(id) {
-	showFormInfo(id); // display the tooltip
 	// fill in the types
 	var options = $('#AttributeType').prop('options');
 	$('option', $('#AttributeType')).remove();
@@ -125,23 +114,39 @@ foreach ($distributionDescriptions as $type => $def) {
 }
 ?>
 
-function showFormInfo(id) {
-	idDiv = id+'Div';
-	// LATER use nice animations
-	//$(idDiv).hide('fast');
-	// change the content
-	var value = $(id).val();    // get the selected value
-	$(idDiv).html(formInfoValues[value]);    // search in a lookup table
+$(document).ready(function() {
 
-	// show it again
-	$(idDiv).fadeIn('slow');
-}
+	$("#AttributeType, #AttributeCategory, #Attribute, #AttributeDistribution").on('mouseleave', function(e) {
+	    $('#'+e.currentTarget.id).popover('destroy');
+	});
+
+	$("#AttributeType, #AttributeCategory, #Attribute, #AttributeDistribution").on('mouseover', function(e) {
+	    var $e = $(e.target);
+	    if ($e.is('option')) {
+	        $('#'+e.currentTarget.id).popover('destroy');
+	        $('#'+e.currentTarget.id).popover({
+	            trigger: 'manual',
+	            placement: 'right',
+	            content: formInfoValues[$e.val()],
+	        }).popover('show');
+	    }
+	});
+
+	$("input, label").on('mouseleave', function(e) {
+	    $('#'+e.currentTarget.id).popover('destroy');
+	});
+
+	$("input, label").on('mouseover', function(e) {
+		var $e = $(e.target);
+		$('#'+e.currentTarget.id).popover('destroy');
+        $('#'+e.currentTarget.id).popover({
+            trigger: 'manual',
+            placement: 'right',
+        }).popover('show');
+	});
+
+});
 
-// hide the formInfo things
-$('#AttributeTypeDiv').hide();
-$('#AttributeCategoryDiv').hide();
-$('#AttributeType').prop('disabled', true);
-$('#AttributeDistributionDiv').hide();
 
 
 </script>
diff --git a/app/View/Attributes/edit.ctp b/app/View/Attributes/edit.ctp
index 8d6b7ce7f..2af50a5e7 100755
--- a/app/View/Attributes/edit.ctp
+++ b/app/View/Attributes/edit.ctp
@@ -1,6 +1,3 @@
-<?php
-$mayModify = (($isAclModify && $attribute['Event']['user_id'] == $me['id']) || ($isAclModifyOrg && $attribute['Event']['org'] == $me['org']));
-?>
 <div class="attributes form">
 <?php echo $this->Form->create('Attribute');?>
 	<fieldset>
@@ -8,18 +5,15 @@ $mayModify = (($isAclModify && $attribute['Event']['user_id'] == $me['id']) || (
 		<?php
 		echo $this->Form->hidden('event_id');
 		echo $this->Form->input('category', array(
-				'after' => $this->Html->div('forminfo', '', array('id' => 'AttributeCategoryDiv')),
 				'empty' => '(choose one)'
 				));
 		echo $this->Form->input('type', array(
-				'after' => $this->Html->div('forminfo', '', array('id' => 'AttributeTypeDiv')),
 				'empty' => '(first choose category)'
 				));
-		if ('true' == Configure::read('CyDefSIG.sync')) {
+		if ('true' == Configure::read('CyDefSIG.sync') && $canEditDist) {
 			echo $this->Form->input('distribution', array(
 				'label' => 'Distribution',
 				'selected' => $maxDist,
-				'after' => $this->Html->div('forminfo', '', array('id' => 'AttributeDistributionDiv'))
 			));
 		}
 		echo $this->Form->input('value', array(
@@ -33,18 +27,16 @@ $mayModify = (($isAclModify && $attribute['Event']['user_id'] == $me['id']) || (
 		<?php
 		echo $this->Form->input('to_ids', array(
 					'checked' => true,
-					'after' => $this->Html->div('forminfo', isset($attrDescriptions['signature']['formdesc']) ? $attrDescriptions['signature']['formdesc'] : $attrDescriptions['signature']['desc']),
+					'data-content' => isset($attrDescriptions['signature']['formdesc']) ? $attrDescriptions['signature']['formdesc'] : $attrDescriptions['signature']['desc'],
 					'label' => 'IDS Signature?',
 		));
 		echo $this->Form->input('batch_import', array(
 				'type' => 'checkbox',
-				'after' => $this->Html->div('forminfo', 'Create multiple attributes one per line'),
+				'data-content' => 'Create multiple attributes one per line',
 		));
 
 		// link an onchange event to the form elements
 		$this->Js->get('#AttributeCategory')->event('change', 'formCategoryChanged("#AttributeCategory")');
-		$this->Js->get('#AttributeType')->event('change', 'showFormInfo("#AttributeType")');
-		$this->Js->get('#AttributeDistribution')->event('change', 'showFormInfo("#AttributeDistribution")');
 		?>
 	</fieldset>
 <?php
@@ -55,17 +47,12 @@ echo $this->Form->end();
 <div class="actions">
 	<ul class="nav nav-list">
 		<li><?php echo $this->Html->link('View Event', array('controller' => 'events', 'action' => 'view', $this->request->data['Attribute']['event_id'])); ?> </li>
-		<?php if ($isSiteAdmin || $mayModify): ?>
 		<li><?php echo $this->Html->link('Edit Event', array('controller' => 'events', 'action' => 'edit', $this->request->data['Attribute']['event_id'])); ?> </li>
 		<li><?php echo $this->Form->postLink('Delete Event', array('controller' => 'events', 'action' => 'delete', $this->request->data['Attribute']['event_id']), null, __('Are you sure you want to delete # %s?', $this->request->data['Attribute']['event_id'])); ?></li>
 		<li class="divider"></li>
 		<li><?php echo $this->Html->link('Add Attribute', array('controller' => 'attributes', 'action' => 'add', $this->request->data['Attribute']['event_id']));?> </li>
 		<li><?php echo $this->Html->link('Add Attachment', array('controller' => 'attributes', 'action' => 'add_attachment', $this->request->data['Attribute']['event_id']));?> </li>
 		<li><?php echo $this->Html->link('Populate event from IOC', array('controller' => 'events', 'action' => 'addIOC', $this->request->data['Attribute']['event_id']));?> </li>
-		<?php else:	?>
-		<li><?php echo $this->Html->link('Propose Attribute', array('controller' => 'shadow_attributes', 'action' => 'add', $this->request->data['Attribute']['event_id']));?> </li>
-		<li><?php echo $this->Html->link('Propose Attachment', array('controller' => 'shadow_attributes', 'action' => 'add_attachment', $this->request->data['Attribute']['event_id']));?> </li>
-		<?php endif; ?>
 		<li class="divider"></li>
 		<li><?php echo $this->Html->link(__('Contact reporter', true), array('controller' => 'events', 'action' => 'contact', $this->request->data['Attribute']['event_id'])); ?> </li>
 		<li><?php echo $this->Html->link(__('Download as XML', true), array('controller' => 'events', 'action' => 'xml', 'download', $this->request->data['Attribute']['event_id'])); ?></li>
@@ -96,7 +83,6 @@ foreach ($categoryDefinitions as $category => $def) {
 ?>
 
 function formCategoryChanged(id) {
-	showFormInfo(id); // display the tooltip
 	// fill in the types
 	var options = $('#AttributeType').prop('options');
 	$('option', $('#AttributeType')).remove();
@@ -121,32 +107,48 @@ foreach ($categoryDefinitions as $category => $def) {
 	$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
 	echo "formInfoValues['" . addslashes($category) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
 }
-foreach ($distributionDescriptions as $type => $def) {
-	$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
-	echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n";  // as we output JS code we need to add slashes
+if ($canEditDist) {
+	foreach ($distributionDescriptions as $type => $def) {
+		$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
+		echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n";  // as we output JS code we need to add slashes
+	}
 }
 ?>
 
-function showFormInfo(id) {
-	idDiv = id+'Div';
-	// LATER use nice animations
-	//$(idDiv).hide('fast');
-	// change the content
-	var value = $(id).val();	// get the selected value
-	$(idDiv).html(formInfoValues[value]);	// search in a lookup table
+$(document).ready(function() {
+
+	$("#AttributeType, #AttributeCategory, #Attribute, #AttributeDistribution").on('mouseleave', function(e) {
+	    $('#'+e.currentTarget.id).popover('destroy');
+	});
+
+	$("#AttributeType, #AttributeCategory, #Attribute, #AttributeDistribution").on('mouseover', function(e) {
+	    var $e = $(e.target);
+	    if ($e.is('option')) {
+	        $('#'+e.currentTarget.id).popover('destroy');
+	        $('#'+e.currentTarget.id).popover({
+	            trigger: 'manual',
+	            placement: 'right',
+	            content: formInfoValues[$e.val()],
+	        }).popover('show');
+		}
+	});
+
+	$("input, label").on('mouseleave', function(e) {
+	    $('#'+e.currentTarget.id).popover('destroy');
+	});
+
+	$("input, label").on('mouseover', function(e) {
+		var $e = $(e.target);
+		$('#'+e.currentTarget.id).popover('destroy');
+        $('#'+e.currentTarget.id).popover({
+            trigger: 'manual',
+            placement: 'right',
+        }).popover('show');
+	});
+
+});
 
-	// show it again
-	$(idDiv).fadeIn('slow');
-}
 
-//hide the formInfo things
-$('#AttributeTypeDiv').hide();
-$('#AttributeCategoryDiv').hide();
-$('#AttributeDistributionDiv').hide();
-// fix the select box based on what was selected
-var type_value = $('#AttributeType').val();
-formCategoryChanged("#AttributeCategory");
-$('#AttributeType').val(type_value);
 
 </script>
 <?php echo $this->Js->writeBuffer(); // Write cached scripts
diff --git a/app/View/Attributes/index.ctp b/app/View/Attributes/index.ctp
index 976d0b884..859762b58 100755
--- a/app/View/Attributes/index.ctp
+++ b/app/View/Attributes/index.ctp
@@ -145,4 +145,15 @@ endforeach;
 		<li><?php echo $this->Html->link('Automation', array('controller' => 'events', 'action' => 'automation')); ?></li>
 		<?php endif;?>
 	</ul>
-</div>
\ No newline at end of file
+</div>
+<script type="text/javascript">
+// tooltips
+$(document).ready(function () {
+	$("td, div").tooltip({
+		'placement': 'top',
+		'container' : 'body',
+		delay: { show: 500, hide: 100 }
+		});
+
+});
+</script>
\ No newline at end of file
diff --git a/app/View/Attributes/search.ctp b/app/View/Attributes/search.ctp
index 6a21570e7..7d6f52557 100755
--- a/app/View/Attributes/search.ctp
+++ b/app/View/Attributes/search.ctp
@@ -16,9 +16,9 @@
 		<?php
 		echo $this->Form->input('type', array(
 				'div' => 'input clear',
-				'after' => $this->Html->div('forminfo', '', array('id' => 'AttributeTypeDiv'))
 				));
-		echo $this->Form->input('category', array('after' => $this->Html->div('forminfo', '', array('id' => 'AttributeCategoryDiv'))));
+		echo $this->Form->input('category', array(
+				));
 		?>
 	</fieldset>
 <?php
@@ -99,7 +99,6 @@ foreach ($typeDefinitions as $type => $def) {
 
 function formCategoryChanged(id) {
 	var alreadySelected = $('#AttributeType').val();
-	showFormInfo(id); // display the tooltip
 	// empty the types
 	document.getElementById("AttributeType").options.length = 1;
 	// add new items to options
@@ -112,15 +111,10 @@ function formCategoryChanged(id) {
 	});
 	// enable the form element
 	$('#AttributeType').prop('disabled', false);
-	if ("ALL" == $('#AttributeCategory').val()) {
-		//alert($('#AttributeCategory').val());
-		$('#AttributeCategoryDiv').hide();
-	}
 }
 
 function formTypeChanged(id) {
 	var alreadySelected = $('#AttributeCategory').val();
-	showFormInfo(id); // display the tooltip
 	// empty the categories
 	document.getElementById("AttributeCategory").options.length = 2;
 	// add new items to options
@@ -133,10 +127,6 @@ function formTypeChanged(id) {
 	});
 	// enable the form element
 	$('#AttributeCategory').prop('disabled', false);
-	if ("ALL" == $('#AttributeType').val()) {
-		//alert($('#AttributeType').val());
-		$('#AttributeTypeDiv').hide();
-	}
 }
 
 var formInfoValues = new Array();
@@ -151,33 +141,36 @@ foreach ($categoryDefinitions as $category => $def) {
 	echo "formInfoValues['$category'] = \"$info\";\n";
 }
 $this->Js->get('#AttributeCategory')->event('change', 'formCategoryChanged("#AttributeCategory")');
-$this->Js->get('#AttributeCategory')->event('change', 'showFormInfo("#AttributeCategory")');
 $this->Js->get('#AttributeType')->event('change', 'formTypeChanged("#AttributeType")');
-$this->Js->get('#AttributeType')->event('change', 'showFormInfo("#AttributeType")');
 ?>
 
 formInfoValues['ALL'] = '';
 formInfoValues[''] = '';
 
-function showFormInfo(id) {
-	idDiv = id+'Div';
-	if (("ALL" != $(id).val()) && ("" != $(id).val())) {
-	// LATER use nice animations
-	//$(idDiv).hide('fast');
-	// change the content
-	var value = $(id).val();    // get the selected value
-	$(idDiv).html(formInfoValues[value]);    // search in a lookup table
 
-	// show it again
-	$(idDiv).fadeIn('slow');
-	} else {
-		$(idDiv).hide();
-	}
-}
+$(document).ready(function() {
+
+	$("#AttributeType, #AttributeCategory").on('mouseleave', function(e) {
+	    $('#'+e.currentTarget.id).popover('destroy');
+	});
+
+	$("#AttributeType, #AttributeCategory").on('mouseover', function(e) {
+	    var $e = $(e.target);
+	    if ($e.is('option')) {
+	        $('#'+e.currentTarget.id).popover('destroy');
+	        $('#'+e.currentTarget.id).popover({
+	            trigger: 'manual',
+	            placement: 'right',
+	            content: formInfoValues[$e.val()],
+	        }).popover('show');
+	    }
+	});
+
+
+});
+
+
 
-// hide the formInfo things
-$('#AttributeTypeDiv').hide();
-$('#AttributeCategoryDiv').hide();
 
 </script>
 <?php echo $this->Js->writeBuffer(); // Write cached scripts ?>
diff --git a/app/View/Elements/global_menu.ctp b/app/View/Elements/global_menu.ctp
index 484c99d26..1e76de380 100755
--- a/app/View/Elements/global_menu.ctp
+++ b/app/View/Elements/global_menu.ctp
@@ -113,7 +113,7 @@
 
 				</ul>
 			</div>
-			<div class="nav-collapse collapse" style="float:right">
+			<div class="nav-collapse collapse pull-right">
 				<ul class="nav">
 					<li><?php echo $this->Html->link(__('Log out', true), array('controller' => 'users', 'action' => 'logout', 'plugin' => false)); ?> </li>
 				</ul>
diff --git a/app/View/Events/add.ctp b/app/View/Events/add.ctp
index 3531fb20b..b8281a2e8 100755
--- a/app/View/Events/add.ctp
+++ b/app/View/Events/add.ctp
@@ -10,17 +10,14 @@
 		if ('true' == Configure::read('CyDefSIG.sync')) {
 			echo $this->Form->input('distribution', array(
 					'label' => 'Distribution',
-					'selected' => 'All communities',
-					'after' => $this->Html->div('forminfo', '', array('id' => 'EventDistributionDiv')),
+					'selected' => 'All communities'
 					));
 		}
 		echo $this->Form->input('risk', array(
-				'after' => $this->Html->div('forminfo', '', array('id' => 'EventRiskDiv')),
 				'div' => 'input clear'
 				));
 		echo $this->Form->input('analysis', array(
 				'options' => array($analysisLevels),
-				'after' => $this->Html->div('forminfo', '', array('id' => 'EventAnalysisDiv'))
 				));
 		echo $this->Form->input('info', array(
 				'div' => 'clear',
@@ -29,13 +26,8 @@
 		echo $this->Form->input('Event.submittedgfi', array(
 				'label' => '<b>GFI sandbox</b>',
 				'type' => 'file',
-				// 'between' => $this->Html->div('forminfo', isset($eventDescriptions['submittedgfi']['formdesc']) ? $eventDescriptions['submittedgfi']['formdesc'] : $eventDescriptions['submittedgfi']['desc']),
 				'div' => 'clear'
 				));
-		// link an onchange event to the form elements
-		$this->Js->get('#EventDistribution')->event('change', 'showFormInfo("#EventDistribution")');
-		$this->Js->get('#EventRisk')->event('change', 'showFormInfo("#EventRisk")');
-		$this->Js->get('#EventAnalysis')->event('change', 'showFormInfo("#EventAnalysis")');
 		?>
 	</fieldset>
 <?php
@@ -81,20 +73,24 @@ foreach ($analysisDescriptions as $type => $def) {
 }
 ?>
 
-function showFormInfo(id) {
-	idDiv = id+'Div';
-	// LATER use nice animations
-	//$(idDiv).hide('fast');
-	// change the content
-	var value = $(id).val();    // get the selected value
-	$(idDiv).html(formInfoValues[value]);    // search in a lookup table
-	// show it again
-	$(idDiv).fadeIn('slow');
-}
+$(document).ready(function() {
+
+	$("#EventAnalysis, #EventRisk, #EventDistribution").on('mouseleave', function(e) {
+	    $('#'+e.currentTarget.id).popover('destroy');
+	});
+
+	$("#EventAnalysis, #EventRisk, #EventDistribution").on('mouseover', function(e) {
+	    var $e = $(e.target);
+	    if ($e.is('option')) {
+	        $('#'+e.currentTarget.id).popover('destroy');
+	        $('#'+e.currentTarget.id).popover({
+	            trigger: 'manual',
+	            placement: 'right',
+	            content: formInfoValues[$e.val()],
+	        }).popover('show');
+	    }
+	});
+});
 
-// hide the formInfo things
-$('#EventDistributionDiv').hide();
-$('#EventRiskDiv').hide();
-$('#EventAnalysisDiv').hide();
 </script>
 <?php echo $this->Js->writeBuffer();
diff --git a/app/View/Events/edit.ctp b/app/View/Events/edit.ctp
index 54f5f5e70..ed892c9a6 100755
--- a/app/View/Events/edit.ctp
+++ b/app/View/Events/edit.ctp
@@ -13,29 +13,20 @@ if ('true' == Configure::read('CyDefSIG.sync')) {
 		echo $this->Form->input('distribution', array(
 			'label' => 'Distribution',
 			'selected' => 'All communities',
-			'after' => $this->Html->div('forminfo', '', array('id' => 'EventDistributionDiv')),
 		));
     }
 }
 	echo $this->Form->input('risk', array(
-			'after' => $this->Html->div('forminfo', '', array('id' => 'EventRiskDiv')),
 			'div' => 'input clear'
 			));
 	echo $this->Form->input('analysis', array(
 			'options' => array($analysisLevels),
-			'after' => $this->Html->div('forminfo', '', array('id' => 'EventAnalysisDiv'))
 			));
 	echo $this->Form->input('info', array(
 			'div' => 'clear',
 			'class' => 'input-xxlarge'
 			));
 
-// link an onchange event to the form elements
-if ('true' == $canEditDist) {
-	$this->Js->get('#EventDistribution')->event('change', 'showFormInfo("#EventDistribution")');
-}
-$this->Js->get('#EventRisk')->event('change', 'showFormInfo("#EventRisk")');
-$this->Js->get('#EventAnalysis')->event('change', 'showFormInfo("#EventAnalysis")');
 ?>
 	</fieldset>
 <?php
@@ -46,17 +37,13 @@ echo $this->Form->end();
 <div class="actions">
 	<ul class="nav nav-list">
 		<li><?php echo $this->Html->link('View Event', array('action' => 'view', $this->request->data['Event']['id'])); ?> </li>
-		<?php if ($isSiteAdmin || $mayModify): ?>
+
 		<li class="active"><?php echo $this->Html->link('Edit Event', array('action' => 'edit', $this->request->data['Event']['id'])); ?> </li>
 		<li><?php echo $this->Form->postLink('Delete Event', array('action' => 'delete', $this->request->data['Event']['id']), null, __('Are you sure you want to delete # %s?', $this->request->data['Event']['id'])); ?></li>
 		<li class="divider"></li>
 		<li><?php echo $this->Html->link('Add Attribute', array('controller' => 'attributes', 'action' => 'add', $this->request->data['Event']['id']));?> </li>
 		<li><?php echo $this->Html->link('Add Attachment', array('controller' => 'attributes', 'action' => 'add_attachment', $this->request->data['Event']['id']));?> </li>
 		<li><?php echo $this->Html->link('Populate event from IOC', array('controller' => 'events', 'action' => 'addIOC', $this->request->data['Event']['id']));?> </li>
-		<?php else:	?>
-		<li><?php echo $this->Html->link('Propose Attribute', array('controller' => 'shadow_attributes', 'action' => 'add', $this->request->data['Event']['id']));?> </li>
-		<li><?php echo $this->Html->link('Propose Attachment', array('controller' => 'shadow_attributes', 'action' => 'add_attachment', $this->request->data['Event']['id']));?> </li>
-		<?php endif; ?>
 		<li class="divider"></li>
 		<?php if ( 0 == $this->request->data['Event']['published'] && ($isAdmin || $mayPublish)): ?>
 		<li><?php echo $this->Form->postLink('Publish Event', array('action' => 'alert', $this->request->data['Event']['id']), null, 'Are you sure this event is complete and everyone should be informed?'); ?></li>
@@ -101,22 +88,24 @@ foreach ($analysisDescriptions as $type => $def) {
 }
 ?>
 
-function showFormInfo(id) {
-	idDiv = id+'Div';
-	// LATER use nice animations
-	//$(idDiv).hide('fast');
-	// change the content
-	var value = $(id).val();    // get the selected value
-	$(idDiv).html(formInfoValues[value]);    // search in a lookup table
-	// show it again
-	$(idDiv).fadeIn('slow');
-}
+$(document).ready(function() {
+
+	$("#EventAnalysis, #EventRisk, #EventDistribution").on('mouseleave', function(e) {
+	    $('#'+e.currentTarget.id).popover('destroy');
+	});
+
+	$("#EventAnalysis, #EventRisk, #EventDistribution").on('mouseover', function(e) {
+	    var $e = $(e.target);
+	    if ($e.is('option')) {
+	        $('#'+e.currentTarget.id).popover('destroy');
+	        $('#'+e.currentTarget.id).popover({
+	            trigger: 'manual',
+	            placement: 'right',
+	            content: formInfoValues[$e.val()],
+	        }).popover('show');
+	    }
+	});
+});
 
-// hide the formInfo things
-if ('true' == $canEditDist) {
-	$('#EventDistributionDiv').hide();
-}
-$('#EventRiskDiv').hide();
-$('#EventAnalysisDiv').hide();
 </script>
 <?php echo $this->Js->writeBuffer();
\ No newline at end of file
diff --git a/app/View/Events/view.ctp b/app/View/Events/view.ctp
index 5aca97a30..4c0ec7de3 100755
--- a/app/View/Events/view.ctp
+++ b/app/View/Events/view.ctp
@@ -84,12 +84,12 @@ $mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
 					<?php echo h($event['Event']['date']); ?>
 					&nbsp;
 				</dd>
-				<dt<?php echo ' title="' . $eventDescriptions['risk']['desc'] . '"';?>>Risk</dt>
+				<dt title="<?php echo $eventDescriptions['risk']['desc'];?>">Risk</dt>
 				<dd>
 					<?php echo h($event['Event']['risk']); ?>
 					&nbsp;
 				</dd>
-				<dt<?php echo ' title="' . $eventDescriptions['analysis']['desc'] . '"';?>>Analysis</dt>
+				<dt title="<?php echo $eventDescriptions['analysis']['desc'];?>">Analysis</dt>
 				<dd>
 					<?php echo h($analysisLevels[$event['Event']['analysis']]); ?>
 					&nbsp;
@@ -105,7 +105,7 @@ $mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
 					&nbsp;
 				</dd>
 				<dt>Published</dt>
-				<dd style = "color: red;">
+				<dd style="color: red;">
 					<b><?php echo ($event['Event']['published'] == 1 ? 'Yes' : 'No');  ?></b>
 					&nbsp;
 				</dd>
@@ -155,16 +155,23 @@ if (!empty($event['Attribute'])):?>
 			if (count($attribute['ShadowAttribute'])) $extra .= 'highlight1';
 		?>
 		<tr>
-			<td class= "short <?php echo $extra; ?>" title="<?php if('' != $attribute['category']) echo $categoryDefinitions[$attribute['category']]['desc'];?>"><?php
-			if ($first) {
+			<?php if($first): ?>
+			<td class= "short <?php echo $extra; ?>" title="<?php if('' != $attribute['category']) echo $categoryDefinitions[$attribute['category']]['desc'];?>">
+				<?php
 				if ('' == $attribute['category']) echo '(no category)';
-					echo h($attribute['category']);
-			} else {
-				echo '&nbsp;';
-			}?></td>
-			<td class="short <?php echo $extra; ?>" title="<?php
-			echo $typeDefinitions[$attribute['type']]['desc'];?>"><?php
-			echo h($attribute['type']);?></td>
+				else echo h($attribute['category']);
+				?>
+			</td>
+			<?php else: ?>
+			<td class= "short <?php echo $extra; ?>">
+				&nbsp;
+			</td>
+			<?php endif; ?>
+			<td class="short <?php echo $extra; ?>" title="<?php echo $typeDefinitions[$attribute['type']]['desc'];?>">
+
+				<?php echo h($attribute['type']);?>
+
+			</td>
 			<td class="<?php echo $extra; ?>"><?php
 			$sigDisplay = $attribute['value'];
 			if ('attachment' == $attribute['type'] || 'malware-sample' == $attribute['type'] ) {
@@ -371,3 +378,13 @@ if (!empty($event['Attribute'])):?>
 				endif; ?>
 		</div>
 </div>
+<script type="text/javascript">
+// tooltips
+$(document).ready(function () {
+	$("th, td, dt, div, span").tooltip({
+		'placement': 'top',
+		'container' : 'body',
+		delay: { show: 500, hide: 100 }
+		});
+});
+</script>

From d4d24a3aea0f6e88df431c3b98a3b4d7dac7b8d1 Mon Sep 17 00:00:00 2001
From: Christophe Vandeplas <christophe@vandeplas.com>
Date: Sat, 8 Jun 2013 11:31:22 +0200
Subject: [PATCH 04/13] peformance

---
 app/Controller/AppController.php | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

diff --git a/app/Controller/AppController.php b/app/Controller/AppController.php
index 5ec0f2f1d..46ea7e576 100755
--- a/app/Controller/AppController.php
+++ b/app/Controller/AppController.php
@@ -183,13 +183,9 @@ class AppController extends Controller {
  * @return void
  */
 	protected function _refreshAuth() {
-		if (isset($this->User)) {
-			$user = $this->User->read(false, $this->Auth->user('id'));
-		} else {
-			$this->loadModel('User');
-			$this->User->recursive = -1;
-			$user = $this->User->findById($this->Auth->user('id'));
-		}
+		$this->loadModel('User');
+		$this->User->recursive = -1;
+		$user = $this->User->findById($this->Auth->user('id'));
 		$this->Auth->login($user['User']);
 	}
 

From bd88c10bf175c2224d0b7a774d256d864f7b471f Mon Sep 17 00:00:00 2001
From: Christophe Vandeplas <christophe@vandeplas.com>
Date: Sat, 8 Jun 2013 16:55:04 +0200
Subject: [PATCH 05/13] removed not necessary sort results in huge performance
 improvement

---
 app/Model/Attribute.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/Model/Attribute.php b/app/Model/Attribute.php
index be47267eb..75ef8b1df 100755
--- a/app/Model/Attribute.php
+++ b/app/Model/Attribute.php
@@ -177,7 +177,7 @@ class Attribute extends AppModel {
 					)
 	);
 
-	public $order = array("Attribute.event_id" => "DESC", "Attribute.type" => "ASC");
+	public $order = array("Attribute.event_id" => "DESC");
 
 /**
  * Validation rules

From 482fd8b8b08fe0c96135a4b2a524eccbb72a28f6 Mon Sep 17 00:00:00 2001
From: Christophe Vandeplas <christophe@vandeplas.com>
Date: Mon, 10 Jun 2013 10:41:29 +0200
Subject: [PATCH 06/13] fix no tooltip bug on Chrome and probably IE.

---
 app/View/Attributes/add.ctp  | 15 +++++++++++++++
 app/View/Attributes/edit.ctp | 15 +++++++++++++++
 app/View/Events/add.ctp      | 13 +++++++++++++
 app/View/Events/edit.ctp     | 13 +++++++++++++
 4 files changed, 56 insertions(+)

diff --git a/app/View/Attributes/add.ctp b/app/View/Attributes/add.ctp
index ddea58463..5107bbb71 100755
--- a/app/View/Attributes/add.ctp
+++ b/app/View/Attributes/add.ctp
@@ -145,6 +145,21 @@ $(document).ready(function() {
         }).popover('show');
 	});
 
+	// workaround for browsers like IE and Chrome that do now have an onmouseover on the 'options' of a select.
+	// disadvangate is that user needs to click on the item to see the tooltip.
+	// no solutions exist, except to generate the select completely using html.
+	$("#AttributeType, #AttributeCategory, #Attribute, #AttributeDistribution").on('change', function(e) {
+	    var $e = $(e.target);
+	    if ($e.is('option')) {
+	        $('#'+e.currentTarget.id).popover('destroy');
+	        $('#'+e.currentTarget.id).popover({
+	            trigger: 'manual',
+	            placement: 'right',
+	            content: formInfoValues[$e.val()],
+	        }).popover('show');
+	    }
+	});
+
 });
 
 
diff --git a/app/View/Attributes/edit.ctp b/app/View/Attributes/edit.ctp
index 2af50a5e7..4ddbb86b9 100755
--- a/app/View/Attributes/edit.ctp
+++ b/app/View/Attributes/edit.ctp
@@ -146,6 +146,21 @@ $(document).ready(function() {
         }).popover('show');
 	});
 
+	// workaround for browsers like IE and Chrome that do now have an onmouseover on the 'options' of a select.
+	// disadvangate is that user needs to click on the item to see the tooltip.
+	// no solutions exist, except to generate the select completely using html.
+	$("#AttributeType, #AttributeCategory, #Attribute, #AttributeDistribution").on('change', function(e) {
+	    var $e = $(e.target);
+	    if ($e.is('option')) {
+	        $('#'+e.currentTarget.id).popover('destroy');
+	        $('#'+e.currentTarget.id).popover({
+	            trigger: 'manual',
+	            placement: 'right',
+	            content: formInfoValues[$e.val()],
+	        }).popover('show');
+	    }
+	});
+
 });
 
 
diff --git a/app/View/Events/add.ctp b/app/View/Events/add.ctp
index b8281a2e8..244dda8c0 100755
--- a/app/View/Events/add.ctp
+++ b/app/View/Events/add.ctp
@@ -90,6 +90,19 @@ $(document).ready(function() {
 	        }).popover('show');
 	    }
 	});
+
+	// workaround for browsers like IE and Chrome that do now have an onmouseover on the 'options' of a select.
+	// disadvangate is that user needs to click on the item to see the tooltip.
+	// no solutions exist, except to generate the select completely using html.
+	$("#EventAnalysis, #EventRisk, #EventDistribution").on('change', function(e) {
+		var $e = $(e.target);
+        $('#'+e.currentTarget.id).popover('destroy');
+        $('#'+e.currentTarget.id).popover({
+            trigger: 'manual',
+            placement: 'right',
+            content: formInfoValues[$e.val()],
+        }).popover('show');
+	});
 });
 
 </script>
diff --git a/app/View/Events/edit.ctp b/app/View/Events/edit.ctp
index ed892c9a6..35a8dfc8f 100755
--- a/app/View/Events/edit.ctp
+++ b/app/View/Events/edit.ctp
@@ -105,6 +105,19 @@ $(document).ready(function() {
 	        }).popover('show');
 	    }
 	});
+
+	// workaround for browsers like IE and Chrome that do now have an onmouseover on the 'options' of a select.
+	// disadvangate is that user needs to click on the item to see the tooltip.
+	// no solutions exist, except to generate the select completely using html.
+	$("#EventAnalysis, #EventRisk, #EventDistribution").on('change', function(e) {
+		var $e = $(e.target);
+        $('#'+e.currentTarget.id).popover('destroy');
+        $('#'+e.currentTarget.id).popover({
+            trigger: 'manual',
+            placement: 'right',
+            content: formInfoValues[$e.val()],
+        }).popover('show');
+	});
 });
 
 </script>

From c348c62a0e1c76653086e3377039485a5f4bdd57 Mon Sep 17 00:00:00 2001
From: Christophe Vandeplas <christophe@vandeplas.com>
Date: Mon, 10 Jun 2013 10:46:03 +0200
Subject: [PATCH 07/13] fix bug no tooltip with Chrome/IE on attributes

---
 app/View/Attributes/add.ctp  | 14 ++++++--------
 app/View/Attributes/edit.ctp | 14 ++++++--------
 2 files changed, 12 insertions(+), 16 deletions(-)

diff --git a/app/View/Attributes/add.ctp b/app/View/Attributes/add.ctp
index 5107bbb71..4154f1c5d 100755
--- a/app/View/Attributes/add.ctp
+++ b/app/View/Attributes/add.ctp
@@ -150,14 +150,12 @@ $(document).ready(function() {
 	// no solutions exist, except to generate the select completely using html.
 	$("#AttributeType, #AttributeCategory, #Attribute, #AttributeDistribution").on('change', function(e) {
 	    var $e = $(e.target);
-	    if ($e.is('option')) {
-	        $('#'+e.currentTarget.id).popover('destroy');
-	        $('#'+e.currentTarget.id).popover({
-	            trigger: 'manual',
-	            placement: 'right',
-	            content: formInfoValues[$e.val()],
-	        }).popover('show');
-	    }
+        $('#'+e.currentTarget.id).popover('destroy');
+        $('#'+e.currentTarget.id).popover({
+            trigger: 'manual',
+            placement: 'right',
+            content: formInfoValues[$e.val()],
+        }).popover('show');
 	});
 
 });
diff --git a/app/View/Attributes/edit.ctp b/app/View/Attributes/edit.ctp
index 4ddbb86b9..2c95bbe9e 100755
--- a/app/View/Attributes/edit.ctp
+++ b/app/View/Attributes/edit.ctp
@@ -151,14 +151,12 @@ $(document).ready(function() {
 	// no solutions exist, except to generate the select completely using html.
 	$("#AttributeType, #AttributeCategory, #Attribute, #AttributeDistribution").on('change', function(e) {
 	    var $e = $(e.target);
-	    if ($e.is('option')) {
-	        $('#'+e.currentTarget.id).popover('destroy');
-	        $('#'+e.currentTarget.id).popover({
-	            trigger: 'manual',
-	            placement: 'right',
-	            content: formInfoValues[$e.val()],
-	        }).popover('show');
-	    }
+        $('#'+e.currentTarget.id).popover('destroy');
+        $('#'+e.currentTarget.id).popover({
+            trigger: 'manual',
+            placement: 'right',
+            content: formInfoValues[$e.val()],
+        }).popover('show');
 	});
 
 });

From d81ffe56b7c38aaaf620e8829203d1afdc50ebca Mon Sep 17 00:00:00 2001
From: Christophe Vandeplas <christophe@vandeplas.com>
Date: Mon, 10 Jun 2013 11:31:46 +0200
Subject: [PATCH 08/13] Performance improvement with static urls

---
 app/View/Attributes/add.ctp            | 20 ++++-----
 app/View/Attributes/add_attachment.ctp | 25 +++++-------
 app/View/Attributes/edit.ctp           | 20 ++++-----
 app/View/Attributes/index.ctp          | 56 +++++++++++++-------------
 app/View/Attributes/search.ctp         | 24 ++++++++---
 app/View/Elements/global_menu.ctp      | 56 +++++++++++++-------------
 6 files changed, 105 insertions(+), 96 deletions(-)

diff --git a/app/View/Attributes/add.ctp b/app/View/Attributes/add.ctp
index 4154f1c5d..66c370ac2 100755
--- a/app/View/Attributes/add.ctp
+++ b/app/View/Attributes/add.ctp
@@ -46,21 +46,21 @@ echo $this->Form->end();
 </div>
 <div class="actions">
 	<ul class="nav nav-list">
-		<li><?php echo $this->Html->link('View Event', array('controller' => 'events', 'action' => 'view', $this->request->data['Attribute']['event_id'])); ?> </li>
-		<li><?php echo $this->Html->link('Edit Event', array('controller' => 'events', 'action' => 'edit', $this->request->data['Attribute']['event_id'])); ?> </li>
+		<li><a href="/events/view/<?php echo $this->request->data['Attribute']['event_id']; ?>">View Event</a></li>
+		<li><a href="/events/edit/<?php echo $this->request->data['Attribute']['event_id']; ?>">Edit Event</a></li>
 		<li><?php echo $this->Form->postLink('Delete Event', array('controller' => 'events', 'action' => 'delete', $this->request->data['Attribute']['event_id']), null, __('Are you sure you want to delete # %s?', $this->request->data['Attribute']['event_id'])); ?></li>
 		<li class="divider"></li>
-		<li class="active"><?php echo $this->Html->link('Add Attribute', array('controller' => 'attributes', 'action' => 'add', $this->request->data['Attribute']['event_id']));?> </li>
-		<li><?php echo $this->Html->link('Add Attachment', array('controller' => 'attributes', 'action' => 'add_attachment', $this->request->data['Attribute']['event_id']));?> </li>
-		<li><?php echo $this->Html->link('Populate event from IOC', array('controller' => 'events', 'action' => 'addIOC', $this->request->data['Attribute']['event_id']));?> </li>
+		<li class="active"><a href="/attributes/add/<?php echo $this->request->data['Attribute']['event_id']; ?>">Add Attribute</a></li>
+		<li><a href="/attributes/add_attachment/<?php echo $this->request->data['Attribute']['event_id']; ?>">Add Attachment</a></li>
+		<li><a href="/events/addIOC/<?php echo $this->request->data['Attribute']['event_id']; ?>">Populate from IOC</a></li>
 		<li class="divider"></li>
-		<li><?php echo $this->Html->link(__('Contact reporter', true), array('controller' => 'events', 'action' => 'contact', $this->request->data['Attribute']['event_id'])); ?> </li>
-		<li><?php echo $this->Html->link(__('Download as XML', true), array('controller' => 'events', 'action' => 'xml', 'download', $this->request->data['Attribute']['event_id'])); ?></li>
-		<li><?php echo $this->Html->link(__('Download as IOC', true), array('controller' => 'events', 'action' => 'downloadOpenIOCEvent', $this->request->data['Attribute']['event_id'])); ?> </li>
+		<li><a href="/events/contact/<?php echo $this->request->data['Attribute']['event_id']; ?>">Contact Reporter</a></li>
+		<li><a href="/events/xml/download/<?php echo $this->request->data['Attribute']['event_id']; ?>">Download as XML</a></li>
+		<li><a href="/events/downloadOpenIOCEvent/<?php echo $this->request->data['Attribute']['event_id']; ?>">Download as IOC</a></li>
 		<li class="divider"></li>
-		<li><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
+		<li><a href="/events/index">List Events</a></li>
 		<?php if ($isAclAdd): ?>
-		<li><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
+		<li><a href="/events/add">Add Event</a></li>
 		<?php endif; ?>
 	</ul>
 </div>
diff --git a/app/View/Attributes/add_attachment.ctp b/app/View/Attributes/add_attachment.ctp
index 77ab0d569..38a38787e 100755
--- a/app/View/Attributes/add_attachment.ctp
+++ b/app/View/Attributes/add_attachment.ctp
@@ -42,26 +42,21 @@ echo $this->Form->end();
 </div>
 <div class="actions">
 	<ul class="nav nav-list">
-		<li><?php echo $this->Html->link('View Event', array('controller' => 'events', 'action' => 'view', $this->request->data['Attribute']['event_id'])); ?> </li>
-		<?php if ($isSiteAdmin || $mayModify): ?>
-		<li><?php echo $this->Html->link('Edit Event', array('controller' => 'events', 'action' => 'edit', $this->request->data['Attribute']['event_id'])); ?> </li>
+		<li><a href="/events/view/<?php echo $this->request->data['Attribute']['event_id']; ?>">View Event</a></li>
+		<li><a href="/events/edit/<?php echo $this->request->data['Attribute']['event_id']; ?>">Edit Event</a></li>
 		<li><?php echo $this->Form->postLink('Delete Event', array('controller' => 'events', 'action' => 'delete', $this->request->data['Attribute']['event_id']), null, __('Are you sure you want to delete # %s?', $this->request->data['Attribute']['event_id'])); ?></li>
 		<li class="divider"></li>
-		<li><?php echo $this->Html->link('Add Attribute', array('controller' => 'attributes', 'action' => 'add', $this->request->data['Attribute']['event_id']));?> </li>
-		<li class="active"><?php echo $this->Html->link('Add Attachment', array('controller' => 'attributes', 'action' => 'add_attachment', $this->request->data['Attribute']['event_id']));?> </li>
-		<li><?php echo $this->Html->link('Populate event from IOC', array('controller' => 'events', 'action' => 'addIOC', $this->request->data['Attribute']['event_id']));?> </li>
-		<?php else:	?>
-		<li><?php echo $this->Html->link('Propose Attribute', array('controller' => 'shadow_attributes', 'action' => 'add', $this->request->data['Attribute']['event_id']));?> </li>
-		<li><?php echo $this->Html->link('Propose Attachment', array('controller' => 'shadow_attributes', 'action' => 'add_attachment', $this->request->data['Attribute']['event_id']));?> </li>
-		<?php endif; ?>
+		<li><a href="/attributes/add/<?php echo $this->request->data['Attribute']['event_id']; ?>">Add Attribute</a></li>
+		<li class="active"><a href="/attributes/add_attachment/<?php echo $this->request->data['Attribute']['event_id']; ?>">Add Attachment</a></li>
+		<li><a href="/events/addIOC/<?php echo $this->request->data['Attribute']['event_id']; ?>">Populate from IOC</a></li>
 		<li class="divider"></li>
-		<li><?php echo $this->Html->link(__('Contact reporter', true), array('controller' => 'events', 'action' => 'contact', $this->request->data['Attribute']['event_id'])); ?> </li>
-		<li><?php echo $this->Html->link(__('Download as XML', true), array('controller' => 'events', 'action' => 'xml', 'download', $this->request->data['Attribute']['event_id'])); ?></li>
-		<li><?php echo $this->Html->link(__('Download as IOC', true), array('controller' => 'events', 'action' => 'downloadOpenIOCEvent', $this->request->data['Attribute']['event_id'])); ?> </li>
+		<li><a href="/events/contact/<?php echo $this->request->data['Attribute']['event_id']; ?>">Contact Reporter</a></li>
+		<li><a href="/events/xml/download/<?php echo $this->request->data['Attribute']['event_id']; ?>">Download as XML</a></li>
+		<li><a href="/events/downloadOpenIOCEvent/<?php echo $this->request->data['Attribute']['event_id']; ?>">Download as IOC</a></li>
 		<li class="divider"></li>
-		<li><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
+		<li><a href="/events/index">List Events</a></li>
 		<?php if ($isAclAdd): ?>
-		<li><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
+		<li><a href="/events/add">Add Event</a></li>
 		<?php endif; ?>
 	</ul>
 </div>
diff --git a/app/View/Attributes/edit.ctp b/app/View/Attributes/edit.ctp
index 2c95bbe9e..1ce2bae02 100755
--- a/app/View/Attributes/edit.ctp
+++ b/app/View/Attributes/edit.ctp
@@ -46,21 +46,21 @@ echo $this->Form->end();
 </div>
 <div class="actions">
 	<ul class="nav nav-list">
-		<li><?php echo $this->Html->link('View Event', array('controller' => 'events', 'action' => 'view', $this->request->data['Attribute']['event_id'])); ?> </li>
-		<li><?php echo $this->Html->link('Edit Event', array('controller' => 'events', 'action' => 'edit', $this->request->data['Attribute']['event_id'])); ?> </li>
+		<li><a href="/events/view/<?php echo $this->request->data['Attribute']['event_id']; ?>">View Event</a></li>
+		<li><a href="/events/edit/<?php echo $this->request->data['Attribute']['event_id']; ?>">Edit Event</a></li>
 		<li><?php echo $this->Form->postLink('Delete Event', array('controller' => 'events', 'action' => 'delete', $this->request->data['Attribute']['event_id']), null, __('Are you sure you want to delete # %s?', $this->request->data['Attribute']['event_id'])); ?></li>
 		<li class="divider"></li>
-		<li><?php echo $this->Html->link('Add Attribute', array('controller' => 'attributes', 'action' => 'add', $this->request->data['Attribute']['event_id']));?> </li>
-		<li><?php echo $this->Html->link('Add Attachment', array('controller' => 'attributes', 'action' => 'add_attachment', $this->request->data['Attribute']['event_id']));?> </li>
-		<li><?php echo $this->Html->link('Populate event from IOC', array('controller' => 'events', 'action' => 'addIOC', $this->request->data['Attribute']['event_id']));?> </li>
+		<li><a href="/attributes/add/<?php echo $this->request->data['Attribute']['event_id']; ?>">Add Attribute</a></li>
+		<li><a href="/attributes/add_attachment/<?php echo $this->request->data['Attribute']['event_id']; ?>">Add Attachment</a></li>
+		<li><a href="/events/addIOC/<?php echo $this->request->data['Attribute']['event_id']; ?>">Populate from IOC</a></li>
 		<li class="divider"></li>
-		<li><?php echo $this->Html->link(__('Contact reporter', true), array('controller' => 'events', 'action' => 'contact', $this->request->data['Attribute']['event_id'])); ?> </li>
-		<li><?php echo $this->Html->link(__('Download as XML', true), array('controller' => 'events', 'action' => 'xml', 'download', $this->request->data['Attribute']['event_id'])); ?></li>
-		<li><?php echo $this->Html->link(__('Download as IOC', true), array('controller' => 'events', 'action' => 'downloadOpenIOCEvent', $this->request->data['Attribute']['event_id'])); ?> </li>
+		<li><a href="/events/contact/<?php echo $this->request->data['Attribute']['event_id']; ?>">Contact Reporter</a></li>
+		<li><a href="/events/xml/download/<?php echo $this->request->data['Attribute']['event_id']; ?>">Download as XML</a></li>
+		<li><a href="/events/downloadOpenIOCEvent/<?php echo $this->request->data['Attribute']['event_id']; ?>">Download as IOC</a></li>
 		<li class="divider"></li>
-		<li><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
+		<li><a href="/events/index">List Events</a></li>
 		<?php if ($isAclAdd): ?>
-		<li><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
+		<li><a href="/events/add">Add Event</a></li>
 		<?php endif; ?>
 	</ul>
 </div>
diff --git a/app/View/Attributes/index.ctp b/app/View/Attributes/index.ctp
index 859762b58..7438ad8a5 100755
--- a/app/View/Attributes/index.ctp
+++ b/app/View/Attributes/index.ctp
@@ -21,7 +21,7 @@ if ($isSearch == 1) {
         ));
 
             echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
-            echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
+            //echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
             echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
         ?>
         </ul>
@@ -53,45 +53,47 @@ foreach ($attributes as $attribute):
 	<tr>
 		<td class="short">
 			<div id="<?php echo $attribute['Attribute']['id']?>" title="<?php echo h($attribute['Event']['info'])?>"
-			 onclick="document.location ='<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true);?>';">
+			 onclick="document.location='/events/view/<?php echo $attribute['Event']['id'];?>';">
 			<?php
 				if ($attribute['Event']['orgc'] == $me['org']) {
-					echo $this->Html->link($attribute['Event']['id'], array('controller' => 'events', 'action' => 'view', $attribute['Event']['id']), array('class' => 'SameOrgLink'));
+					$class='class="SameOrgLink"';
 				} else {
-					echo $this->Html->link($attribute['Event']['id'], array('controller' => 'events', 'action' => 'view', $attribute['Event']['id']));
+					$class='';
 				}
 				$currentCount++;
 			?>
+				<a href="/events/view/<?php echo $attribute['Event']['id'];?>" <?php echo $class;?>><?php echo $attribute['Event']['id'];?></a>
 			</div>
 		</td>
-		<td title="<?php echo $categoryDefinitions[$attribute['Attribute']['category']]['desc'];?>" class="short" onclick="document.location ='<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true);?>';">
-		<?php echo h($attribute['Attribute']['category']); ?>&nbsp;</td>
-		<td title="<?php echo $typeDefinitions[$attribute['Attribute']['type']]['desc'];?>" class="short" onclick="document.location ='<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true);?>';">
-		<?php echo h($attribute['Attribute']['type']); ?>&nbsp;</td>
-		<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true);?>';">
+		<td title="<?php echo $categoryDefinitions[$attribute['Attribute']['category']]['desc'];?>" class="short" onclick="document.location='/events/view/<?php echo $attribute['Event']['id'];?>';">
+		<?php echo $attribute['Attribute']['category']; ?>&nbsp;</td>
+		<td title="<?php echo $typeDefinitions[$attribute['Attribute']['type']]['desc'];?>" class="short" onclick="document.location='/events/view/<?php echo $attribute['Event']['id'];?>';">
+		<?php echo $attribute['Attribute']['type']; ?>&nbsp;</td>
+		<td class="short" onclick="document.location='/events/view/<?php echo $attribute['Event']['id'];?>';">
 	<?php
 	$sigDisplay = nl2br(h($attribute['Attribute']['value']));
 	if ($isSearch == 1 && !empty($replacePairs)) {
 		// highlight the keywords if there are any
-		$sigDisplay = nl2br($this->Highlight->highlighter($sigDisplay, $replacePairs));
+		$sigDisplay = $this->Highlight->highlighter($sigDisplay, $replacePairs);
 	}
 	if ('attachment' == $attribute['Attribute']['type'] || 'malware-sample' == $attribute['Attribute']['type']) {
-		echo $this->Html->link($sigDisplay, array('controller' => 'attributes', 'action' => 'download', $attribute['Attribute']['id']), array('escape' => FALSE));
+		?><a href="/attributes/download/<?php echo $attribute['Attribute']['id'];?>"><?php echo $sigDisplay; ?></a><?php
 	} elseif ('link' == $attribute['Attribute']['type']) {
-		echo $this->Html->link($sigDisplay, nl2br(h($attribute['Attribute']['value'])), array('escape' => FALSE));
+		?><a href="<?php echo nl2br(h($attribute['Attribute']['value']));?>"><?php echo $sigDisplay; ?></a><?php
 	} else {
 		echo $sigDisplay;
 	}
 	?>&nbsp;</td>
-		<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true);?>';">
-		<?php echo $attribute['Attribute']['to_ids'] ? 'Yes' : 'No'; ?>&nbsp;</td>
+		<td class="short" onclick="document.location ='document.location ='/events/view/<?php echo $attribute['Event']['id'];?>';">
+			<?php echo $attribute['Attribute']['to_ids'] ? 'Yes' : 'No'; ?>&nbsp;
+		</td>
 		<td class="short action-links"><?php
-	if ($isAdmin || ($isAclModify && $attribute['Event']['user_id'] == $me['id']) || ($isAclModifyOrg && $attribute['Event']['org'] == $me['org'])) {
-		echo $this->Html->link('', array('action' => 'edit', $attribute['Attribute']['id']), array('class' => 'icon-edit', 'title' => 'Edit'));
-		echo $this->Form->postLink('',array('action' => 'delete', $attribute['Attribute']['id']), array('class' => 'icon-trash', 'title' => 'Delete'), __('Are you sure you want to delete this attribute?'));
-	}
-	echo $this->Html->link('', array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), array('class' => 'icon-list-alt', 'title' => 'View'));
-	?>
+			if ($isAdmin || ($isAclModify && $attribute['Event']['user_id'] == $me['id']) || ($isAclModifyOrg && $attribute['Event']['org'] == $me['org'])) {
+				?><a href="/attributes/edit/<?php echo $attribute['Attribute']['id'];?>" class="icon-edit" title="Edit"></a><?php
+				echo $this->Form->postLink('',array('action' => 'delete', $attribute['Attribute']['id']), array('class' => 'icon-trash', 'title' => 'Delete'), __('Are you sure you want to delete this attribute?'));
+			}
+			?>
+			<a href="/events/view/<?php echo $attribute['Attribute']['event_id'];?>" class="icon-list-alt" title="View"></a>
 		</td>
 	</tr>
 	<?php
@@ -119,9 +121,9 @@ endforeach;
 </div>
 <div class="actions">
 	<ul class="nav nav-list">
-		<li><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
+		<li><a href="/events/index">List Events</a></li>
 		<?php if ($isAclAdd): ?>
-		<li><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
+		<li><a href="/events/add">Add Event</a></li>
 		<?php endif; ?>
 		<li class="divider"></li>
 		<?php
@@ -133,16 +135,16 @@ endforeach;
 			$listClass = 'class="active"';
 		}
 		?>
-		<li <?php echo $listClass;?>><?php echo $this->Html->link('List Attributes', array('admin' => false, 'controller' => 'attributes', 'action' => 'index'));?></li>
-		<li <?php echo $searchClass;?>><?php echo $this->Html->link('Search Attributes', array('admin' => false, 'controller' => 'attributes', 'action' => 'search'));?></li>
+		<li <?php echo $listClass;?>><a href="/attributes/index">List Attributes</a></li>
+		<li <?php echo $searchClass;?>><a href="/attributes/search">Search Attributes</a></li>
 		<?php if ($isSearch == 1): ?>
 		<li class="divider"></li>
-		<li><?php echo $this->Html->link(__('Download results as XML'), array('admin' => false, 'controller' => 'events', 'action' => 'downloadSearchResult'));?></li>
+		<li><a href="/events/downloadSearchResult">Download results as XML</a></li>
 		<?php endif; ?>
 		<li class="divider"></li>
-		<li><?php echo $this->Html->link('Export', array('controller' => 'events', 'action' => 'export')); ?> </li>
+		<li><a href="/events/export">Export</a></li>
 		<?php if ($isAclAuth): ?>
-		<li><?php echo $this->Html->link('Automation', array('controller' => 'events', 'action' => 'automation')); ?></li>
+		<li><a href="/events/automation">Automation</a></li>
 		<?php endif;?>
 	</ul>
 </div>
diff --git a/app/View/Attributes/search.ctp b/app/View/Attributes/search.ctp
index 7d6f52557..b7b87fa50 100755
--- a/app/View/Attributes/search.ctp
+++ b/app/View/Attributes/search.ctp
@@ -166,6 +166,18 @@ $(document).ready(function() {
 	    }
 	});
 
+	// workaround for browsers like IE and Chrome that do now have an onmouseover on the 'options' of a select.
+	// disadvangate is that user needs to click on the item to see the tooltip.
+	// no solutions exist, except to generate the select completely using html.
+	$("#AttributeType, #AttributeCategory").on('change', function(e) {
+	    var $e = $(e.target);
+        $('#'+e.currentTarget.id).popover('destroy');
+        $('#'+e.currentTarget.id).popover({
+            trigger: 'manual',
+            placement: 'right',
+            content: formInfoValues[$e.val()],
+        }).popover('show');
+	});
 
 });
 
@@ -176,17 +188,17 @@ $(document).ready(function() {
 <?php echo $this->Js->writeBuffer(); // Write cached scripts ?>
 <div class="actions">
 	<ul class="nav nav-list">
-		<li><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
+		<li><a href="/events/index">List Events</a></li>
 		<?php if ($isAclAdd): ?>
-		<li><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
+		<li><a href="/events/add">Add Event</a></li>
 		<?php endif; ?>
 		<li class="divider"></li>
-		<li><?php echo $this->Html->link('List Attributes', array('controller' => 'attributes', 'action' => 'index')); ?> </li>
-		<li class="active"><?php echo $this->Html->link('Search Attributes', array('controller' => 'attributes', 'action' => 'search')); ?> </li>
+		<li><a href="/attributes/index">List Attributes</a></li>
+		<li class="active"><a href="/attributes/search">Search Attributes</a></li>
 		<li class="divider"></li>
-		<li><?php echo $this->Html->link('Export', array('controller' => 'events', 'action' => 'export')); ?> </li>
+		<li><a href="/events/export">Export</a></li>
 		<?php if ($isAclAuth): ?>
-		<li><?php echo $this->Html->link('Automation', array('controller' => 'events', 'action' => 'automation')); ?></li>
+		<li><a href="/events/automation">Automation</a></li>
 		<?php endif;?>
 	</ul>
 </div>
\ No newline at end of file
diff --git a/app/View/Elements/global_menu.ctp b/app/View/Elements/global_menu.ctp
index 1e76de380..de6c8b262 100755
--- a/app/View/Elements/global_menu.ctp
+++ b/app/View/Elements/global_menu.ctp
@@ -4,7 +4,7 @@
 		<?php if ($me != false ):?>
 			<div class="nav-collapse collapse">
 				<ul class="nav">
-					<li class="active"><?php echo $this->Html->link('home', '/');?></li>
+					<li class="active"><a href="/">home</a></li>
 
 
 					<li class="dropdown">
@@ -13,17 +13,17 @@
 							<b class="caret"></b>
 						</a>
 						<ul class="dropdown-menu">
-							<li><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
+							<li><a href="/events/index">List Events</a></li>
 							<?php if ($isAclAdd): ?>
-							<li><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
+							<li><a href="/events/add">Add Event</a></li>
 							<?php endif; ?>
 							<li class="divider"></li>
-							<li><?php echo $this->Html->link('List Attributes', array('controller' => 'attributes', 'action' => 'index')); ?> </li>
-							<li><?php echo $this->Html->link('Search Attributes', array('controller' => 'attributes', 'action' => 'search')); ?> </li>
+							<li><a href="/attributes/index">List Attributes</a></li>
+							<li><a href="/attributes/search">Search Attributes</a></li>
 							<li class="divider"></li>
-							<li><?php echo $this->Html->link('Export', array('controller' => 'events', 'action' => 'export')); ?> </li>
+							<li><a href="/events/export">Export</a></li>
 							<?php if ($isAclAuth): ?>
-							<li><?php echo $this->Html->link('Automation', array('controller' => 'events', 'action' => 'automation')); ?></li>
+							<li><a href="/events/automation">Automation</a></li>
 							<?php endif;?>
 
 						</ul>
@@ -36,14 +36,14 @@
 						</a>
 						<ul class="dropdown-menu">
 							<?php if ($isSiteAdmin): ?>
-							<li><?php echo $this->Html->link(__('Import Blacklist', true), array('controller' => 'blacklists', 'action' => 'index', 'admin' => true)); ?> </li>
-							<li><?php echo $this->Html->link(__('Import Regexp', true), array('controller' => 'regexp', 'action' => 'index', 'admin' => true)); ?> </li>
-							<li><?php echo $this->Html->link(__('Signature Whitelist', true), array('controller' => 'whitelists', 'action' => 'index', 'admin' => true)); ?> </li>
+							<li><a href="/admin/blacklists/index">Import Blacklist</a></li>
+							<li><a href="/admin/regexp/index">Import Regexp</a></li>
+							<li><a href="/admin/whitelists/index">Signature Whitelist</a></li>
 							<?php endif;?>
 							<?php if (!$isSiteAdmin): ?>
-							<li><?php echo $this->Html->link(__('Import Blacklist', true), array('controller' => 'blacklists', 'action' => 'index')); ?> </li>
-							<li><?php echo $this->Html->link(__('Import Regexp', true), array('controller' => 'regexp', 'action' => 'index')); ?> </li>
-							<li><?php echo $this->Html->link(__('Signature Whitelist', true), array('controller' => 'whitelists', 'action' => 'index')); ?> </li>
+							<li><a href="/blacklists/index">Import Blacklist</a></li>
+							<li><a href="/regexp/index">Import Regexp</a></li>
+							<li><a href="/whitelists/index">Signature Whitelist</a></li>
 							<?php endif;?>
 						</ul>
 					</li>
@@ -54,13 +54,13 @@
 							<b class="caret"></b>
 						</a>
 						<ul class="dropdown-menu">
-							<li><?php echo $this->Html->link(__('News', true), array('controller' => 'users', 'action' => 'news', 'plugin' => false)); ?> </li>
-							<li><?php echo $this->Html->link(__('My Profile', true), array('controller' => 'users', 'action' => 'view', 'me', 'plugin' => false)); ?> </li>
-							<li><?php echo $this->Html->link(__('Members List', true), array('controller' => 'users', 'action' => 'memberslist', 'plugin' => false)); ?> </li>
-							<li><?php echo $this->Html->link(__('User Guide', true), array('controller' => 'pages', 'action' => 'display', 'documentation', 'plugin' => false)); ?> </li>
-							<li><?php echo $this->Html->link(__('Terms & Conditions', true), array('controller' => 'users', 'action' => 'terms', 'plugin' => false)); ?> </li>
+							<li><a href="/users/news">News</a></li>
+							<li><a href="/users/view/me">My Profile</a></li>
+							<li><a href="/users/memberslist">Members List</a></li>
+							<li><a href="/display/documentation">User Guide</a></li>
+							<li><a href="/users/terms">Terms &amp; Conditions</a></li>
 							<li class="divider"></li>
-							<li><?php echo $this->Html->link(__('Log out', true), array('controller' => 'users', 'action' => 'logout', 'plugin' => false)); ?> </li>
+							<li><a href="/users/logout">Log out</a></li>
 						</ul>
 					</li>
 
@@ -71,7 +71,7 @@
 							<b class="caret"></b>
 						</a>
 						<ul class="dropdown-menu">
-							<li><?php echo $this->Html->link(__('List Servers'), array('controller' => 'servers', 'action' => 'index', 'plugin' => false));?></li>
+							<li><a href="/servers/index">List Servers</a></li>
 						</ul>
 					</li>
 					<?php endif;?>
@@ -83,16 +83,16 @@
 							<b class="caret"></b>
 						</a>
 						<ul class="dropdown-menu">
-							<li><?php echo $this->Html->link(__('New User', true), array('controller' => 'users', 'action' => 'add', 'admin' => true, 'plugin' => false)); ?> </li>
-							<li><?php echo $this->Html->link(__('List Users', true), array('controller' => 'users', 'action' => 'index', 'admin' => true, 'plugin' => false)); ?> </li>
+							<li><a href="/admin/users/add">New User</a></li>
+							<li><a href="/admin/users/index">List Users</a></li>
 							<li class="divider"></li>
 							<?php if($isSiteAdmin): ?>
-							<li><?php echo $this->Html->link(__('New Role', true), array('controller' => 'roles', 'action' => 'add', 'admin' => true, 'plugin' => false)); ?> </li>
+							<li><a href="/admin/roles/add">New Role</a></li>
 							<?php endif; ?>
-							<li><?php echo $this->Html->link(__('List Roles', true), array('controller' => 'roles', 'action' => 'index', 'admin' => true, 'plugin' => false)); ?> </li>
+							<li><a href="/admin/roles/index">List Roles</a></li>
 							<?php if($isSiteAdmin): ?>
 							<li class="divider"></li>
-							<li><?php echo $this->Html->link(__('Contact users', true), array('controller' => 'users', 'action' => 'email', 'admin' => true, 'plugin' => false)); ?> </li>
+							<li><a href="/admin/users/email">Contact Users</a></li>
 							<?php endif; ?>
 						</ul>
 					</li>
@@ -105,8 +105,8 @@
 							<b class="caret"></b>
 						</a>
 						<ul class="dropdown-menu">
-							<li><?php echo $this->Html->link(__('List Logs', true), array('controller' => 'logs', 'action' => 'index', 'admin' => true, 'plugin' => false)); ?> </li>
-							<li><?php echo $this->Html->link(__('Search Logs', true), array('controller' => 'logs', 'action' => 'admin_search', 'admin' => true, 'plugin' => false)); ?> </li>
+							<li><a href="/admin/logs/index">List Logs</a></li>
+							<li><a href="/admin/logs/search">Search Logs</a></li>
 						</ul>
 					</li>
 					<?php endif;?>
@@ -115,7 +115,7 @@
 			</div>
 			<div class="nav-collapse collapse pull-right">
 				<ul class="nav">
-					<li><?php echo $this->Html->link(__('Log out', true), array('controller' => 'users', 'action' => 'logout', 'plugin' => false)); ?> </li>
+					<li><a href="/users/logout">Log out</a></li>
 				</ul>
 			</div>
 		<?php endif;?>

From 0cafc7ec6bee2628eff2ff4948fb147c0319fa9f Mon Sep 17 00:00:00 2001
From: Christophe Vandeplas <christophe@vandeplas.com>
Date: Mon, 10 Jun 2013 12:26:32 +0200
Subject: [PATCH 09/13] fix documentation link

---
 app/View/Elements/global_menu.ctp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/View/Elements/global_menu.ctp b/app/View/Elements/global_menu.ctp
index de6c8b262..4a5017d9f 100755
--- a/app/View/Elements/global_menu.ctp
+++ b/app/View/Elements/global_menu.ctp
@@ -57,7 +57,7 @@
 							<li><a href="/users/news">News</a></li>
 							<li><a href="/users/view/me">My Profile</a></li>
 							<li><a href="/users/memberslist">Members List</a></li>
-							<li><a href="/display/documentation">User Guide</a></li>
+							<li><a href="/pages/display/documentation">User Guide</a></li>
 							<li><a href="/users/terms">Terms &amp; Conditions</a></li>
 							<li class="divider"></li>
 							<li><a href="/users/logout">Log out</a></li>

From 3ed50e2aeffa424e665f25a761d4bf8e6045bf06 Mon Sep 17 00:00:00 2001
From: Christophe Vandeplas <christophe@vandeplas.com>
Date: Mon, 10 Jun 2013 17:24:41 +0200
Subject: [PATCH 10/13] improve UI of event index filtering

---
 app/Controller/EventsController.php |   3 +
 app/View/Events/index.ctp           | 274 +++++++++++++++++-----------
 app/View/Events/view.ctp            |   2 +-
 3 files changed, 170 insertions(+), 109 deletions(-)

diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php
index d1376b387..856824932 100755
--- a/app/Controller/EventsController.php
+++ b/app/Controller/EventsController.php
@@ -87,6 +87,9 @@ class EventsController extends AppController {
 	public function index() {
 		// list the events
 
+		// TODO information exposure vulnerability - as we don't limit the filter depending on the CyDefSIG.showorg parameter
+		// this filter will work if showorg=false and users will be able to perform the filtering and see what events were posted by what org.
+		// same goes for orgc in all cases
 		//transform POST into GET
 		if($this->request->is("post")) {
 			$url = array('action'=>'index');
diff --git a/app/View/Events/index.ctp b/app/View/Events/index.ctp
index 5671b96e9..ec58b9a72 100755
--- a/app/View/Events/index.ctp
+++ b/app/View/Events/index.ctp
@@ -7,130 +7,206 @@
 	<div class="pagination">
         <ul>
         <?php
-        $this->Paginator->options(array(
-            'update' => '.span12',
-            'evalScripts' => true,
-            'before' => '$(".progress").show()',
-            'complete' => '$(".progress").hide()',
-        ));
-
+	        $this->Paginator->options(array(
+	            'update' => '.span12',
+	            'evalScripts' => true,
+	            'before' => '$(".progress").show()',
+	            'complete' => '$(".progress").hide()',
+	        ));
             echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
             echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
             echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
         ?>
         </ul>
     </div>
-	<?php echo $this->Form->create('', array('action' => 'index', 'style' => 'margin-bottom:0px')); ?>
-	<div class="input-prepend input-append" style="margin-bottom:0px;">
-		<div id = "searchcancel" class="add-on span" style="margin-left:0px; margin-top:25px">
-			<div><a href=# onClick='resetForm()'><div class="icon-remove" style = "margin-top:3px"></div></a></div>
+	<?php
+	echo $this->Form->create('', array('action' => 'index', 'style' => 'margin-bottom:0px'));
+	?>
+	<!--  div class="input-prepend input-append" style="margin-bottom:0px;">
+		<div id="searchcancel" class="add-on span" style="margin-left:0px; margin-top:25px">
+			<div><a href="#" onClick='resetForm()'><div class="icon-remove" style = "margin-top:3px"></div></a></div>
 		</div>
-		<div id = "searchinfo" class="span" style="width:220px; margin-left:0px">
+		<div id="searchinfo" class="span" style="width:220px; margin-left:0px">
 		<?php
-			echo $this->Form->input('searchinfo', array('value' => $this->passedArgs['searchinfo'], 'label' => 'Info'));
-		?>
-		</div><div id = "searchorgc" class="span" style="margin-left:0px; width:220px">
-		<?php
-			echo $this->Form->input('searchorgc', array('value' => $this->passedArgs['searchorgc'], 'label' => 'Org'));
-		?>
-		</div><div id = "searchpublished" class="span" style="margin-left:0px; width:220px">
-		<?php
-			echo $this->Form->input('searchpublished', array('options' => array('0' => 'No', '1' => 'Yes', '2' => 'Any'), 'default' => 2, 'label' => 'Published'));
-		?>
-		</div><div id = "searchfrom" class="span" style="margin-left:0px; width:110px">
-		<?php
-			echo $this->Form->input('searchDatefrom', array('value' => $this->passedArgs['searchDatefrom'], 'label' => 'From', 'style' => 'width:96px; margin-top: 0px;', 'class' => 'datepicker'));
-		?>
-		</div><div id = "searchuntil" class="span" style="margin-left:0px; width:110px">
-		<?php
-			echo $this->Form->input('searchDateuntil', array('value' => $this->passedArgs['searchDateuntil'], 'label' => 'Until', 'style' => 'width:96px; margin-top: 0px;', 'class' => 'datepicker'));
-		?>
-		</div><div id = "searchbutton" class="span" style="margin-left:0px; margin-top:25px">
-		<?php
-		echo $this->Form->button('Go', array('class' => 'btn'));
+			//echo $this->Form->input('searchinfo', array('value' => $this->passedArgs['searchinfo'], 'label' => 'Info'));
 		?>
 		</div>
-	</div>
+		<div id="searchorgc" class="span" style="margin-left:0px; width:220px">
+		<?php
+			//echo $this->Form->input('searchorgc', array('value' => $this->passedArgs['searchorgc'], 'label' => 'Org'));
+		?>
+		</div>
+		<div id="searchpublished" class="span" style="margin-left:0px; width:220px">
+		<?php
+			//echo $this->Form->input('searchpublished', array('options' => array('0' => 'No', '1' => 'Yes', '2' => 'Any'), 'default' => 2, 'label' => 'Published'));
+		?>
+		</div>
+		<div id="searchfrom" class="span" style="margin-left:0px; width:110px">
+		<?php
+			//echo $this->Form->input('searchDatefrom', array('value' => $this->passedArgs['searchDatefrom'], 'label' => 'From', 'style' => 'width:96px; margin-top: 0px;', 'class' => 'datepicker'));
+		?>
+		</div>
+		<div id="searchuntil" class="span" style="margin-left:0px; width:110px">
+		<?php
+			//echo $this->Form->input('searchDateuntil', array('value' => $this->passedArgs['searchDateuntil'], 'label' => 'Until', 'style' => 'width:96px; margin-top: 0px;', 'class' => 'datepicker'));
+		?>
+		</div>
+		<div id="searchbutton">
+		<?php
+		//echo $this->Form->submit();
+		?>
+		</div>
+	</div -->
 	<?php
 	// Let's output a small label of each filter
 	$count = 0;
 	?>
-	<table><tr>
-		<?php
-		foreach ($this->passedArgs as $k => $v) {
-			if ((substr($k, 0, 6) === 'search')) {
-				$searchTerm = substr($k, 6);
-				if ($searchTerm === 'published') {
-					switch ($v) {
-						case '0' :
-							$value = 'No';
-							break;
-						case '1' :
-							$value = 'Yes';
-							break;
-						case '2' :
-							continue 2;
-							break;
-					}
- 				} else {
-					if (!$v) {
-						continue;
-					}
-					$value = $v;
-				}
-			?>
-			<td class="<?php echo (($count < 1) ? 'searchLabelFirst' : 'searchLabel');?>"><?php echo $searchTerm; ?> : <?php echo $value; ?></td>
+	<table>
+		<tr>
 			<?php
-			$count++;
+			foreach ($this->passedArgs as $k => $v) {
+				if ((substr($k, 0, 6) === 'search')) {
+					$searchTerm = substr($k, 6);
+					if ($searchTerm === 'published') {
+						switch ($v) {
+							case '0' :
+								$value = 'No';
+								break;
+							case '1' :
+								$value = 'Yes';
+								break;
+							case '2' :
+								continue 2;
+								break;
+						}
+	 				} else {
+						if (!$v) {
+							continue;
+						}
+						$value = $v;
+					}
+				?>
+				<td class="<?php echo (($count < 1) ? 'searchLabelFirst' : 'searchLabel');?>">
+					<?php echo $searchTerm; ?> : <?php echo $value; ?>
+				</td>
+				<?php
+				$count++;
+				}
 			}
-		}
-		if ($count > 0) {
-	?>
-	<td class="searchLabelCancel"><?php echo $this->Html->link('', array('controller' => 'events', 'action' => 'index'), array('class' => 'icon-remove', 'title' => 'Remove filters'));?></td>
-	<?php
-	}
-	?>
-	</tr></table>
-	<?php
-		echo $this->Form->end();
-	?>
+			if ($count > 0) {
+			?>
+			<td class="searchLabelCancel">
+				<?php echo $this->Html->link('', array('controller' => 'events', 'action' => 'index'), array('class' => 'icon-remove', 'title' => 'Remove filters'));?>
+			</td>
+			<?php
+			}
+			?>
+		</tr>
+	</table>
+	<input type="submit" style="visibility:collapse;" />
 	<table class="table table-striped table-hover table-condensed">
 		<tr>
-			<th><?php echo $this->Paginator->sort('published', 'Valid.');?><a href=# onClick='enableField("searchpublished")'><br /><div class="icon-search"></div></a></th>
+			<th class="filter">
+				<?php echo $this->Paginator->sort('published', 'Valid.');?>
+				<a onclick="$('#searchpublished').toggle();" class="icon-search"></a>
+				<span id="searchpublished"><br/>
+					<?php
+					// on change jquery will submit the form
+					echo $this->Form->input('searchpublished', array(
+							'options' => array('0' => 'No', '1' => 'Yes', '2' => 'Any'),
+							'default' => 2,
+							'label' => '',
+							'class' => 'input-mini',
+							'onchange' => "$('#EventIndexForm').submit()"
+							));
+					?>
+				</span>
+			</th>
 			<?php
-				if ('true' == Configure::read('CyDefSIG.showorg') || $isAdmin) {
-					if ($isSiteAdmin) { ?>
+			if ('true' == Configure::read('CyDefSIG.showorg') || $isAdmin) {
+				if ($isSiteAdmin) { ?>
 			<th><?php echo $this->Paginator->sort('org'); ?></th>
 				<?php
 					} else { ?>
-			<th><?php echo $this->Paginator->sort('org'); ?><a href=# onClick='enableField("searchorgc")'><br /><div class="icon-search"></div></a></th></th>
+			<th class="filter"><?php echo $this->Paginator->sort('org'); ?>
+				<a onclick="toggleField('#searchorg')" class="icon-search"></a>
+			</th>
 				<?php
 					}
 				}
 			?>
 			<?php if ($isSiteAdmin): ?>
-			<th><?php echo $this->Paginator->sort('owner org');?><a href=# onClick='enableField("searchorgc")'><br /><div class="icon-search"></div></a></th>
+			<th class="filter">
+				<?php echo $this->Paginator->sort('owner org');?>
+				<a onclick="toggleField('#searchorgc')" class="icon-search"></a>
+				<span id="searchorgc"><br/>
+				<?php
+					echo $this->Form->input('searchorgc', array(
+							'value' => $this->passedArgs['searchorgc'],
+							'label' => '',
+							'class' => 'input-mini'));
+				?>
+				</span>
+			</th>
 			<?php endif; ?>
 			<th><?php echo $this->Paginator->sort('id');?></th>
 			<th><?php echo $this->Paginator->sort('attribute_count', '#Attr.');?></th>
 			<?php if ($isAdmin): ?>
 			<th><?php echo $this->Paginator->sort('user_id', 'Email');?></th>
 			<?php endif; ?>
-			<th><?php echo $this->Paginator->sort('date');?><a href=# onClick='enableDate()'><br /><div class="icon-search"></div></a></th>
+			<th class="filter">
+				<?php echo $this->Paginator->sort('date');?>
+				<a onclick="toggleField('#searchdate')" class="icon-search"></a>
+				<br/>
+				<div id="searchdate" class="input-append input-prepend">
+							<?php
+							echo $this->Form->input('searchDatefrom', array(
+									'value' => $this->passedArgs['searchDatefrom'],
+									'label' => false,
+									'div' => false,
+									'class' => 'span1 datepicker',
+									));
+							?>
+							<input type="submit" class="btn" value="&gt;"/>
+							<?php
+							echo $this->Form->input('searchDateuntil', array(
+									'value' => $this->passedArgs['searchDateuntil'],
+									'label' => false,
+									'class' => 'span1 datepicker',
+									'div' => false
+									));
+							?>
+				</div>
+			</th>
 			<th title="<?php echo $eventDescriptions['risk']['desc'];?>">
 				<?php echo $this->Paginator->sort('risk');?>
 			</th>
 			<th title="<?php echo $eventDescriptions['analysis']['desc'];?>">
 				<?php echo $this->Paginator->sort('analysis');?>
 			</th>
-			<th><?php echo $this->Paginator->sort('info');?><a href=# onClick='enableField("searchinfo")'><br /><div class="icon-search"></div></a></th>
+			<th class="filter">
+				<?php echo $this->Paginator->sort('info');?>
+				<a onclick="toggleField('#searchinfo')" class="icon-search"></a>
+				<span id="searchinfo"><br/>
+				<?php
+					echo $this->Form->input('searchinfo', array(
+							'value' => $this->passedArgs['searchinfo'],
+							'label' => '',
+							'class' => 'input-large'));
+				?>
+				</span>
+			</th>
 			<?php if ('true' == Configure::read('CyDefSIG.sync')): ?>
 			<th title="<?php echo $eventDescriptions['distribution']['desc'];?>">
 				<?php echo $this->Paginator->sort('distribution');?>
 			</th>
 			<?php endif; ?>
-			<th class="actions"><?php echo __('Actions');?></th>
+			<th class="actions">Actions</th>
+
 		</tr>
+		<?php
+		echo $this->Form->end();
+		?>
 		<?php foreach ($events as $event):?>
 		<tr>
 			<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
@@ -239,37 +315,19 @@
 	</ul>
 </div>
 <script>
-$(document).ready(disableAll());
+$(document).ready( function () {
+	// onload hide all buttons
+	$('#searchinfo').hide();
+	$('#searchorgc').hide();
+	$('#searchdate').hide();
+	$('#searchpublished').hide();
 
-function resetForm() {
-	document.getElementById('EventSearchinfo').value=null;
-	document.getElementById('EventSearchorgc').value=null;
-	document.getElementById('EventSearchpublished').value=2;
-	disableAll();
+});
+
+function toggleField(field) {
+	$(field).toggle();
+	$(field +" input").focus();
 }
 
-function disableAll() {
-	disableField('searchinfo');
-	disableField('searchorgc');
-	disableField('searchfrom');
-	disableField('searchuntil');
-	disableField('searchpublished');
-	disableField('searchbutton');
-	disableField('searchcancel');
-}
-
-function disableField(field) {
-	document.getElementById(field).style.display="none";
-}
-function enableField(field) {
-	document.getElementById(field).style.display="";
-	document.getElementById('searchbutton').style.display="";
-	document.getElementById('searchcancel').style.display="";
-}
-
-function enableDate() {
-	enableField('searchfrom');
-	enableField('searchuntil');
-}
 
 </script>
\ No newline at end of file
diff --git a/app/View/Events/view.ctp b/app/View/Events/view.ctp
index 4c0ec7de3..3f4560054 100755
--- a/app/View/Events/view.ctp
+++ b/app/View/Events/view.ctp
@@ -11,7 +11,7 @@ $mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
 		<li class="divider"></li>
 		<li><?php echo $this->Html->link('Add Attribute', array('controller' => 'attributes', 'action' => 'add', $event['Event']['id']));?> </li>
 		<li><?php echo $this->Html->link('Add Attachment', array('controller' => 'attributes', 'action' => 'add_attachment', $event['Event']['id']));?> </li>
-		<li><?php echo $this->Html->link('Populate event from IOC', array('controller' => 'events', 'action' => 'addIOC', $event['Event']['id']));?> </li>
+		<li><?php echo $this->Html->link('Populate from IOC', array('controller' => 'events', 'action' => 'addIOC', $event['Event']['id']));?> </li>
 		<?php else:	?>
 		<li><?php echo $this->Html->link('Propose Attribute', array('controller' => 'shadow_attributes', 'action' => 'add', $event['Event']['id']));?> </li>
 		<li><?php echo $this->Html->link('Propose Attachment', array('controller' => 'shadow_attributes', 'action' => 'add_attachment', $event['Event']['id']));?> </li>

From e0c0e7ccf5dde3cafab59823090eff31211a363b Mon Sep 17 00:00:00 2001
From: Christophe Vandeplas <christophe@vandeplas.com>
Date: Mon, 10 Jun 2013 17:57:20 +0200
Subject: [PATCH 11/13] unified links

---
 app/View/Events/add.ctp        | 12 ++++----
 app/View/Events/add_i_o_c.ctp  | 32 +++++++++++++---------
 app/View/Events/automation.ctp | 12 ++++----
 app/View/Events/contact.ctp    | 34 +++++++++++++----------
 app/View/Events/edit.ctp       | 30 ++++++++++----------
 app/View/Events/export.ctp     | 12 ++++----
 app/View/Events/index.ctp      | 50 +++++-----------------------------
 app/View/Events/view.ctp       | 30 ++++++++++----------
 8 files changed, 94 insertions(+), 118 deletions(-)

diff --git a/app/View/Events/add.ctp b/app/View/Events/add.ctp
index 244dda8c0..a8d12e3b9 100755
--- a/app/View/Events/add.ctp
+++ b/app/View/Events/add.ctp
@@ -38,17 +38,17 @@ echo $this->Form->end();
 
 <div class="actions">
 	<ul class="nav nav-list">
-		<li><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
+		<li><a href="/events/index">List Events</a></li>
 		<?php if ($isAclAdd): ?>
-		<li class="active"><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
+		<li class="active"><a href="/events/add">Add Event</a></li>
 		<?php endif; ?>
 		<li class="divider"></li>
-		<li><?php echo $this->Html->link('List Attributes', array('controller' => 'attributes', 'action' => 'index')); ?> </li>
-		<li><?php echo $this->Html->link('Search Attributes', array('controller' => 'attributes', 'action' => 'search')); ?> </li>
+		<li><a href="/attributes/index">List Attributes</a></li>
+		<li><a href="/attributes/search">Search Attributes</a></li>
 		<li class="divider"></li>
-		<li><?php echo $this->Html->link('Export', array('controller' => 'events', 'action' => 'export')); ?> </li>
+		<li><a href="/events/export">Export</a></li>
 		<?php if ($isAclAuth): ?>
-		<li><?php echo $this->Html->link('Automation', array('controller' => 'events', 'action' => 'automation')); ?></li>
+		<li><a href="/events/automation">Automation</a></li>
 		<?php endif;?>
 	</ul>
 </div>
diff --git a/app/View/Events/add_i_o_c.ctp b/app/View/Events/add_i_o_c.ctp
index ce834fc69..35ad77b23 100644
--- a/app/View/Events/add_i_o_c.ctp
+++ b/app/View/Events/add_i_o_c.ctp
@@ -16,26 +16,32 @@ echo $this->Form->end();
 </div>
 <div class="actions">
 	<ul class="nav nav-list">
-		<li><?php echo $this->Html->link('View Event', array('controller' => 'events', 'action' => 'view', $id)); ?> </li>
+		<li><a href="/events/view/<?php echo $this->request->data['Event']['id'];?>">View Event</a></li>
 		<?php if ($isSiteAdmin || $mayModify): ?>
-		<li><?php echo $this->Html->link('Edit Event', array('controller' => 'events', 'action' => 'edit', $id)); ?> </li>
-		<li><?php echo $this->Form->postLink('Delete Event', array('controller' => 'events', 'action' => 'delete', $id), null, __('Are you sure you want to delete # %s?', $id)); ?></li>
+		<li><a href="/events/edit/<?php echo $this->request->data['Event']['id'];?>">Edit Event</a></li>
+		<li><?php echo $this->Form->postLink('Delete Event', array('action' => 'delete', $this->request->data['Event']['id']), null, __('Are you sure you want to delete # %s?', $this->request->data['Event']['id'])); ?></li>
 		<li class="divider"></li>
-		<li><?php echo $this->Html->link('Add Attribute', array('controller' => 'attributes', 'action' => 'add', $id));?> </li>
-		<li><?php echo $this->Html->link('Add Attachment', array('controller' => 'attributes', 'action' => 'add_attachment', $id));?> </li>
-		<li class="active"><?php echo $this->Html->link('Populate event from IOC', array('controller' => 'events', 'action' => 'addIOC', $id));?> </li>
+		<li><a href="/attributes/add/<?php echo $this->request->data['Event']['id'];?>">Add Attribute</a></li>
+		<li><a href="/attributes/add_attachment/<?php echo $this->request->data['Event']['id'];?>">Add Attachment</a></li>
+		<li class="active"><a href="/events/addIOC/<?php echo $this->request->data['Event']['id'];?>">Populate from IOC</a></li>
 		<?php else:	?>
-		<li><?php echo $this->Html->link('Propose Attribute', array('controller' => 'shadow_attributes', 'action' => 'add', $id));?> </li>
-		<li><?php echo $this->Html->link('Propose Attachment', array('controller' => 'shadow_attributes', 'action' => 'add_attachment', $id));?> </li>
+		<li><a href="/shadow_attributes/add/<?php echo $this->request->data['Event']['id'];?>">Propose Attribute</a></li>
+		<li><a href="/shadow_attributes/add_attachment/<?php echo $this->request->data['Event']['id'];?>">Propose Attachment</a></li>
 		<?php endif; ?>
 		<li class="divider"></li>
-		<li><?php echo $this->Html->link(__('Contact reporter', true), array('controller' => 'events', 'action' => 'contact', $id)); ?> </li>
-		<li><?php echo $this->Html->link(__('Download as XML', true), array('controller' => 'events', 'action' => 'xml', 'download', $id)); ?></li>
-		<li><?php echo $this->Html->link(__('Download as IOC', true), array('controller' => 'events', 'action' => 'downloadOpenIOCEvent', $id)); ?> </li>
+		<?php if ( 0 == $this->request->data['Event']['published'] && ($isAdmin || $mayPublish)): ?>
+		<li><?php echo $this->Form->postLink('Publish Event', array('action' => 'alert', $this->request->data['Event']['id']), null, 'Are you sure this event is complete and everyone should be informed?'); ?></li>
+		<li><?php echo $this->Form->postLink('Publish (no email)', array('action' => 'publish', $this->request->data['Event']['id']), null, 'Publish but do NOT send alert email? Only for minor changes!'); ?></li>
+		<?php else: ?>
+		<!-- ul><li>Alert already sent</li></ul -->
+		<?php endif; ?>
+		<li><a href="/events/contact/<?php echo $this->request->data['Event']['id'];?>">Contact Reporter</a></li>
+		<li><a href="/events/xml/download/<?php echo $this->request->data['Event']['id'];?>">Download as XML</a></li>
+		<li><a href="/events/downloadOpenIOCEvent/<?php echo $this->request->data['Event']['id'];?>">Download as IOC</a></li>
 		<li class="divider"></li>
-		<li><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
+		<li><a href="/events/index">List Events</a></li>
 		<?php if ($isAclAdd): ?>
-		<li><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
+		<li><a href="/events/add">Add Event</a></li>
 		<?php endif; ?>
 	</ul>
 </div>
\ No newline at end of file
diff --git a/app/View/Events/automation.ctp b/app/View/Events/automation.ctp
index 104ee9467..0819526e8 100644
--- a/app/View/Events/automation.ctp
+++ b/app/View/Events/automation.ctp
@@ -58,17 +58,17 @@ This would enable you to export:</p>
 </div>
 <div class="actions">
 	<ul class="nav nav-list">
-		<li><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
+		<li><a href="/events/index">List Events</a></li>
 		<?php if ($isAclAdd): ?>
-		<li><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
+		<li><a href="/events/add">Add Event</a></li>
 		<?php endif; ?>
 		<li class="divider"></li>
-		<li><?php echo $this->Html->link('List Attributes', array('controller' => 'attributes', 'action' => 'index')); ?> </li>
-		<li><?php echo $this->Html->link('Search Attributes', array('controller' => 'attributes', 'action' => 'search')); ?> </li>
+		<li><a href="/attributes/index">List Attributes</a></li>
+		<li><a href="/attributes/search">Search Attributes</a></li>
 		<li class="divider"></li>
-		<li><?php echo $this->Html->link('Export', array('controller' => 'events', 'action' => 'export')); ?> </li>
+		<li><a href="/events/export">Export</a></li>
 		<?php if ($isAclAuth): ?>
-		<li class="active"><?php echo $this->Html->link('Automation', array('controller' => 'events', 'action' => 'automation')); ?></li>
+		<li class="active"><a href="/events/automation">Automation</a></li>
 		<?php endif;?>
 	</ul>
 </div>
diff --git a/app/View/Events/contact.ctp b/app/View/Events/contact.ctp
index 8ac364a29..c27bb3965 100755
--- a/app/View/Events/contact.ctp
+++ b/app/View/Events/contact.ctp
@@ -35,26 +35,32 @@ $mayPublish = ($isAclPublish && $this->request->data['Event']['orgc'] == $me['or
 </div>
 <div class="actions">
 	<ul class="nav nav-list">
-		<li><?php echo $this->Html->link('View Event', array('controller' => 'events', 'action' => 'view', $this->request->data['Event']['id'])); ?> </li>
+		<li><a href="/events/view/<?php echo $event['Event']['id'];?>">View Event</a></li>
 		<?php if ($isSiteAdmin || $mayModify): ?>
-		<li><?php echo $this->Html->link('Edit Event', array('controller' => 'events', 'action' => 'edit', $this->request->data['Event']['id'])); ?> </li>
-		<li><?php echo $this->Form->postLink('Delete Event', array('controller' => 'events', 'action' => 'delete', $this->request->data['Event']['id']), null, __('Are you sure you want to delete # %s?', $this->request->data['Event']['id'])); ?></li>
+		<li><a href="/events/edit/<?php echo $event['Event']['id'];?>">Edit Event</a></li>
+		<li><?php echo $this->Form->postLink('Delete Event', array('action' => 'delete', $event['Event']['id']), null, __('Are you sure you want to delete # %s?', $event['Event']['id'])); ?></li>
 		<li class="divider"></li>
-		<li><?php echo $this->Html->link('Add Attribute', array('controller' => 'attributes', 'action' => 'add', $this->request->data['Event']['id']));?> </li>
-		<li><?php echo $this->Html->link('Add Attachment', array('controller' => 'attributes', 'action' => 'add_attachment', $this->request->data['Event']['id']));?> </li>
-		<li><?php echo $this->Html->link('Populate event from IOC', array('controller' => 'events', 'action' => 'addIOC', $this->request->data['Event']['id']));?> </li>
+		<li><a href="/attributes/add/<?php echo $event['Event']['id'];?>">Add Attribute</a></li>
+		<li><a href="/attributes/add_attachment/<?php echo $event['Event']['id'];?>">Add Attachment</a></li>
+		<li><a href="/events/addIOC/<?php echo $event['Event']['id'];?>">Populate from IOC</a></li>
 		<?php else:	?>
-		<li><?php echo $this->Html->link('Propose Attribute', array('controller' => 'shadow_attributes', 'action' => 'add', $this->request->data['Event']['id']));?> </li>
-		<li><?php echo $this->Html->link('Propose Attachment', array('controller' => 'shadow_attributes', 'action' => 'add_attachment', $this->request->data['Event']['id']));?> </li>
+		<li><a href="/shadow_attributes/add/<?php echo $event['Event']['id'];?>">Propose Attribute</a></li>
+		<li><a href="/shadow_attributes/add_attachment/<?php echo $event['Event']['id'];?>">Propose Attachment</a></li>
 		<?php endif; ?>
 		<li class="divider"></li>
-		<li class="active"><?php echo $this->Html->link(__('Contact reporter', true), array('controller' => 'events', 'action' => 'contact', $this->request->data['Event']['id'])); ?> </li>
-		<li><?php echo $this->Html->link(__('Download as XML', true), array('controller' => 'events', 'action' => 'xml', 'download', $this->request->data['Event']['id'])); ?></li>
-		<li><?php echo $this->Html->link(__('Download as IOC', true), array('controller' => 'events', 'action' => 'downloadOpenIOCEvent', $this->request->data['Event']['id'])); ?> </li>
+		<?php if ( 0 == $event['Event']['published'] && ($isAdmin || $mayPublish)): ?>
+		<li><?php echo $this->Form->postLink('Publish Event', array('action' => 'alert', $event['Event']['id']), null, 'Are you sure this event is complete and everyone should be informed?'); ?></li>
+		<li><?php echo $this->Form->postLink('Publish (no email)', array('action' => 'publish', $event['Event']['id']), null, 'Publish but do NOT send alert email? Only for minor changes!'); ?></li>
+		<?php else: ?>
+		<!-- ul><li>Alert already sent</li></ul -->
+		<?php endif; ?>
+		<li class="active"><a href="/events/contact/<?php echo $event['Event']['id'];?>">Contact Reporter</a></li>
+		<li><a href="/events/xml/download/<?php echo $event['Event']['id'];?>">Download as XML</a></li>
+		<li><a href="/events/downloadOpenIOCEvent/<?php echo $event['Event']['id'];?>">Download as IOC</a></li>
 		<li class="divider"></li>
-		<li><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
+		<li><a href="/events/index">List Events</a></li>
 		<?php if ($isAclAdd): ?>
-		<li><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
+		<li><a href="/events/add">Add Event</a></li>
 		<?php endif; ?>
 	</ul>
-</div>
\ No newline at end of file
+</div>
diff --git a/app/View/Events/edit.ctp b/app/View/Events/edit.ctp
index 35a8dfc8f..916632009 100755
--- a/app/View/Events/edit.ctp
+++ b/app/View/Events/edit.ctp
@@ -36,35 +36,37 @@ echo $this->Form->end();
 </div>
 <div class="actions">
 	<ul class="nav nav-list">
-		<li><?php echo $this->Html->link('View Event', array('action' => 'view', $this->request->data['Event']['id'])); ?> </li>
-
-		<li class="active"><?php echo $this->Html->link('Edit Event', array('action' => 'edit', $this->request->data['Event']['id'])); ?> </li>
+		<li><a href="/events/view/<?php echo $this->request->data['Event']['id'];?>">View Event</a></li>
+		<?php if ($isSiteAdmin || $mayModify): ?>
+		<li class="active"><a href="/events/edit/<?php echo $this->request->data['Event']['id'];?>">Edit Event</a></li>
 		<li><?php echo $this->Form->postLink('Delete Event', array('action' => 'delete', $this->request->data['Event']['id']), null, __('Are you sure you want to delete # %s?', $this->request->data['Event']['id'])); ?></li>
 		<li class="divider"></li>
-		<li><?php echo $this->Html->link('Add Attribute', array('controller' => 'attributes', 'action' => 'add', $this->request->data['Event']['id']));?> </li>
-		<li><?php echo $this->Html->link('Add Attachment', array('controller' => 'attributes', 'action' => 'add_attachment', $this->request->data['Event']['id']));?> </li>
-		<li><?php echo $this->Html->link('Populate event from IOC', array('controller' => 'events', 'action' => 'addIOC', $this->request->data['Event']['id']));?> </li>
+		<li><a href="/attributes/add/<?php echo $this->request->data['Event']['id'];?>">Add Attribute</a></li>
+		<li><a href="/attributes/add_attachment/<?php echo $this->request->data['Event']['id'];?>">Add Attachment</a></li>
+		<li><a href="/events/addIOC/<?php echo $this->request->data['Event']['id'];?>">Populate from IOC</a></li>
+		<?php else:	?>
+		<li><a href="/shadow_attributes/add/<?php echo $this->request->data['Event']['id'];?>">Propose Attribute</a></li>
+		<li><a href="/shadow_attributes/add_attachment/<?php echo $this->request->data['Event']['id'];?>">Propose Attachment</a></li>
+		<?php endif; ?>
 		<li class="divider"></li>
 		<?php if ( 0 == $this->request->data['Event']['published'] && ($isAdmin || $mayPublish)): ?>
 		<li><?php echo $this->Form->postLink('Publish Event', array('action' => 'alert', $this->request->data['Event']['id']), null, 'Are you sure this event is complete and everyone should be informed?'); ?></li>
 		<li><?php echo $this->Form->postLink('Publish (no email)', array('action' => 'publish', $this->request->data['Event']['id']), null, 'Publish but do NOT send alert email? Only for minor changes!'); ?></li>
-		<?php elseif (0 == $this->request->data['Event']['published']): ?>
-		<li>Not published</li>
 		<?php else: ?>
 		<!-- ul><li>Alert already sent</li></ul -->
 		<?php endif; ?>
-		<li><?php echo $this->Html->link(__('Contact reporter', true), array('action' => 'contact', $this->request->data['Event']['id'])); ?> </li>
-		<li><?php echo $this->Html->link(__('Download as XML', true), array('action' => 'xml', 'download', $this->request->data['Event']['id'])); ?></li>
-		<li><?php echo $this->Html->link(__('Download as IOC', true), array('action' => 'downloadOpenIOCEvent', $this->request->data['Event']['id'])); ?> </li>
-
+		<li><a href="/events/contact/<?php echo $this->request->data['Event']['id'];?>">Contact Reporter</a></li>
+		<li><a href="/events/xml/download/<?php echo $this->request->data['Event']['id'];?>">Download as XML</a></li>
+		<li><a href="/events/downloadOpenIOCEvent/<?php echo $this->request->data['Event']['id'];?>">Download as IOC</a></li>
 		<li class="divider"></li>
-		<li><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
+		<li><a href="/events/index">List Events</a></li>
 		<?php if ($isAclAdd): ?>
-		<li><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
+		<li><a href="/events/add">Add Event</a></li>
 		<?php endif; ?>
 	</ul>
 </div>
 
+
 <script type="text/javascript">
 //
 //Generate tooltip information
diff --git a/app/View/Events/export.ctp b/app/View/Events/export.ctp
index 1d0b55646..2e26cb47e 100755
--- a/app/View/Events/export.ctp
+++ b/app/View/Events/export.ctp
@@ -51,17 +51,17 @@
 </div>
 <div class="actions">
 	<ul class="nav nav-list">
-		<li><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
+		<li><a href="/events/index">List Events</a></li>
 		<?php if ($isAclAdd): ?>
-		<li><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
+		<li><a href="/events/add">Add Event</a></li>
 		<?php endif; ?>
 		<li class="divider"></li>
-		<li><?php echo $this->Html->link('List Attributes', array('controller' => 'attributes', 'action' => 'index')); ?> </li>
-		<li><?php echo $this->Html->link('Search Attributes', array('controller' => 'attributes', 'action' => 'search')); ?> </li>
+		<li><a href="/attributes/index">List Attributes</a></li>
+		<li><a href="/attributes/search">Search Attributes</a></li>
 		<li class="divider"></li>
-		<li class="active"><?php echo $this->Html->link('Export', array('controller' => 'events', 'action' => 'export')); ?> </li>
+		<li class="active"><a href="/events/export">Export</a></li>
 		<?php if ($isAclAuth): ?>
-		<li><?php echo $this->Html->link('Automation', array('controller' => 'events', 'action' => 'automation')); ?></li>
+		<li><a href="/events/automation">Automation</a></li>
 		<?php endif;?>
 	</ul>
 </div>
\ No newline at end of file
diff --git a/app/View/Events/index.ctp b/app/View/Events/index.ctp
index ec58b9a72..fedab9a34 100755
--- a/app/View/Events/index.ctp
+++ b/app/View/Events/index.ctp
@@ -21,43 +21,6 @@
     </div>
 	<?php
 	echo $this->Form->create('', array('action' => 'index', 'style' => 'margin-bottom:0px'));
-	?>
-	<!--  div class="input-prepend input-append" style="margin-bottom:0px;">
-		<div id="searchcancel" class="add-on span" style="margin-left:0px; margin-top:25px">
-			<div><a href="#" onClick='resetForm()'><div class="icon-remove" style = "margin-top:3px"></div></a></div>
-		</div>
-		<div id="searchinfo" class="span" style="width:220px; margin-left:0px">
-		<?php
-			//echo $this->Form->input('searchinfo', array('value' => $this->passedArgs['searchinfo'], 'label' => 'Info'));
-		?>
-		</div>
-		<div id="searchorgc" class="span" style="margin-left:0px; width:220px">
-		<?php
-			//echo $this->Form->input('searchorgc', array('value' => $this->passedArgs['searchorgc'], 'label' => 'Org'));
-		?>
-		</div>
-		<div id="searchpublished" class="span" style="margin-left:0px; width:220px">
-		<?php
-			//echo $this->Form->input('searchpublished', array('options' => array('0' => 'No', '1' => 'Yes', '2' => 'Any'), 'default' => 2, 'label' => 'Published'));
-		?>
-		</div>
-		<div id="searchfrom" class="span" style="margin-left:0px; width:110px">
-		<?php
-			//echo $this->Form->input('searchDatefrom', array('value' => $this->passedArgs['searchDatefrom'], 'label' => 'From', 'style' => 'width:96px; margin-top: 0px;', 'class' => 'datepicker'));
-		?>
-		</div>
-		<div id="searchuntil" class="span" style="margin-left:0px; width:110px">
-		<?php
-			//echo $this->Form->input('searchDateuntil', array('value' => $this->passedArgs['searchDateuntil'], 'label' => 'Until', 'style' => 'width:96px; margin-top: 0px;', 'class' => 'datepicker'));
-		?>
-		</div>
-		<div id="searchbutton">
-		<?php
-		//echo $this->Form->submit();
-		?>
-		</div>
-	</div -->
-	<?php
 	// Let's output a small label of each filter
 	$count = 0;
 	?>
@@ -300,20 +263,21 @@
 </div>
 <div class="actions">
 	<ul class="nav nav-list">
-		<li class="active"><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
+		<li class="active"><a href="/events/index">List Events</a></li>
 		<?php if ($isAclAdd): ?>
-		<li><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
+		<li><a href="/events/add">Add Event</a></li>
 		<?php endif; ?>
 		<li class="divider"></li>
-		<li><?php echo $this->Html->link('List Attributes', array('controller' => 'attributes', 'action' => 'index')); ?> </li>
-		<li><?php echo $this->Html->link('Search Attributes', array('controller' => 'attributes', 'action' => 'search')); ?> </li>
+		<li><a href="/attributes/index">List Attributes</a></li>
+		<li><a href="/attributes/search">Search Attributes</a></li>
 		<li class="divider"></li>
-		<li><?php echo $this->Html->link('Export', array('controller' => 'events', 'action' => 'export')); ?> </li>
+		<li><a href="/events/export">Export</a></li>
 		<?php if ($isAclAuth): ?>
-		<li><?php echo $this->Html->link('Automation', array('controller' => 'events', 'action' => 'automation')); ?></li>
+		<li><a href="/events/automation">Automation</a></li>
 		<?php endif;?>
 	</ul>
 </div>
+
 <script>
 $(document).ready( function () {
 	// onload hide all buttons
diff --git a/app/View/Events/view.ctp b/app/View/Events/view.ctp
index 3f4560054..efc6c4c35 100755
--- a/app/View/Events/view.ctp
+++ b/app/View/Events/view.ctp
@@ -2,19 +2,19 @@
 $mayModify = (($isAclModify && $event['Event']['user_id'] == $me['id']) || ($isAclModifyOrg && $event['Event']['orgc'] == $me['org']));
 $mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
 ?>
-<div class="actions" style="width:12%">
+<div class="actions">
 	<ul class="nav nav-list">
-		<li class="active"><?php echo $this->Html->link('View Event', array('action' => 'view', $event['Event']['id'])); ?> </li>
+		<li class="active"><a href="/events/view/<?php echo $event['Event']['id'];?>">View Event</a></li>
 		<?php if ($isSiteAdmin || $mayModify): ?>
-		<li><?php echo $this->Html->link('Edit Event', array('action' => 'edit', $event['Event']['id'])); ?> </li>
+		<li><a href="/events/edit/<?php echo $event['Event']['id'];?>">Edit Event</a></li>
 		<li><?php echo $this->Form->postLink('Delete Event', array('action' => 'delete', $event['Event']['id']), null, __('Are you sure you want to delete # %s?', $event['Event']['id'])); ?></li>
 		<li class="divider"></li>
-		<li><?php echo $this->Html->link('Add Attribute', array('controller' => 'attributes', 'action' => 'add', $event['Event']['id']));?> </li>
-		<li><?php echo $this->Html->link('Add Attachment', array('controller' => 'attributes', 'action' => 'add_attachment', $event['Event']['id']));?> </li>
-		<li><?php echo $this->Html->link('Populate from IOC', array('controller' => 'events', 'action' => 'addIOC', $event['Event']['id']));?> </li>
+		<li><a href="/attributes/add/<?php echo $event['Event']['id'];?>">Add Attribute</a></li>
+		<li><a href="/attributes/add_attachment/<?php echo $event['Event']['id'];?>">Add Attachment</a></li>
+		<li><a href="/events/addIOC/<?php echo $event['Event']['id'];?>">Populate from IOC</a></li>
 		<?php else:	?>
-		<li><?php echo $this->Html->link('Propose Attribute', array('controller' => 'shadow_attributes', 'action' => 'add', $event['Event']['id']));?> </li>
-		<li><?php echo $this->Html->link('Propose Attachment', array('controller' => 'shadow_attributes', 'action' => 'add_attachment', $event['Event']['id']));?> </li>
+		<li><a href="/shadow_attributes/add/<?php echo $event['Event']['id'];?>">Propose Attribute</a></li>
+		<li><a href="/shadow_attributes/add_attachment/<?php echo $event['Event']['id'];?>">Propose Attachment</a></li>
 		<?php endif; ?>
 		<li class="divider"></li>
 		<?php if ( 0 == $event['Event']['published'] && ($isAdmin || $mayPublish)): ?>
@@ -23,21 +23,19 @@ $mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
 		<?php else: ?>
 		<!-- ul><li>Alert already sent</li></ul -->
 		<?php endif; ?>
-		<li><?php echo $this->Html->link(__('Contact reporter', true), array('action' => 'contact', $event['Event']['id'])); ?> </li>
-		<li><?php echo $this->Html->link(__('Download as XML', true), array('action' => 'xml', 'download', $event['Event']['id'])); ?></li>
-		<li><?php echo $this->Html->link(__('Download as IOC', true), array('action' => 'downloadOpenIOCEvent', $event['Event']['id'])); ?> </li>
-
+		<li><a href="/events/contact/<?php echo $event['Event']['id'];?>">Contact Reporter</a></li>
+		<li><a href="/events/xml/download/<?php echo $event['Event']['id'];?>">Download as XML</a></li>
+		<li><a href="/events/downloadOpenIOCEvent/<?php echo $event['Event']['id'];?>">Download as IOC</a></li>
 		<li class="divider"></li>
-		<li><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
+		<li><a href="/events/index">List Events</a></li>
 		<?php if ($isAclAdd): ?>
-		<li><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
+		<li><a href="/events/add">Add Event</a></li>
 		<?php endif; ?>
 	</ul>
-
 </div>
 
 
-<div class="events view" style="width:83%">
+<div class="events view">
 
 	<?php
 	if ('true' == Configure::read('CyDefSIG.showorg') || $isAdmin) {

From 722107195df8a44519a5d845a608a96fc44ff9e2 Mon Sep 17 00:00:00 2001
From: Christophe Vandeplas <christophe@vandeplas.com>
Date: Mon, 10 Jun 2013 17:58:08 +0200
Subject: [PATCH 12/13] UI filter of event view (forgot this file)

---
 app/webroot/css/main.css | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/app/webroot/css/main.css b/app/webroot/css/main.css
index fcf5fc18b..8c440bce5 100755
--- a/app/webroot/css/main.css
+++ b/app/webroot/css/main.css
@@ -83,6 +83,13 @@ ul.nav li.dropdown:hover ul.dropdown-menu{
 	display: block;
 }
 
+th.filter {
+	white-space:nowrap;
+}
+th.filter a {
+	cursor: pointer;
+}
+
 td.searchLabel{
     opacity: 50;
     height: 20px;

From de8793fbfc8412695e871d95669896f4fd64f53c Mon Sep 17 00:00:00 2001
From: Christophe Vandeplas <christophe@vandeplas.com>
Date: Mon, 10 Jun 2013 18:01:04 +0200
Subject: [PATCH 13/13] Performance - caching of CakeRouting and url generation

---
 app/Config/bootstrap.default.php              |   6 +-
 .../UrlCache/Lib/Routing/UrlCacheManager.php  | 158 ++++++++++++++++++
 .../View/Helper/UrlCacheAppHelper.php         |  74 ++++++++
 app/View/Helper/AppHelper.php                 |   9 +-
 4 files changed, 241 insertions(+), 6 deletions(-)
 create mode 100755 app/Plugin/UrlCache/Lib/Routing/UrlCacheManager.php
 create mode 100755 app/Plugin/UrlCache/View/Helper/UrlCacheAppHelper.php

diff --git a/app/Config/bootstrap.default.php b/app/Config/bootstrap.default.php
index 2df0181b6..f83b38008 100755
--- a/app/Config/bootstrap.default.php
+++ b/app/Config/bootstrap.default.php
@@ -98,7 +98,6 @@
  */
 Cache::config('default', array('engine' => 'File'));
 
-//Configure::write('CyDefSIG.baseurl', 'https://sig.cyber-defence.be');
 Configure::write('CyDefSIG.baseurl', 'http://localhost:8888');
 if (!Configure::read('CyDefSIG.baseurl')) {
 	if (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443) {
@@ -108,8 +107,8 @@ if (!Configure::read('CyDefSIG.baseurl')) {
 	}
 }
 Configure::write('CyDefSIG.name', 'MISP');
-Configure::write('CyDefSIG.version', '2.0');
-Configure::write('CyDefSIG.header', 'CyDefSIG: Cyber Defence Signature Sharing Platform');
+Configure::write('CyDefSIG.version', 'devel2.1');
+Configure::write('CyDefSIG.header', 'MISP: Malware Information Sharing Platform');
 Configure::write('CyDefSIG.footerpart1', 'Powered by MISP');
 Configure::write('CyDefSIG.footerpart2', '&copy; Belgian Defense CERT & NCIRC');
 Configure::write('CyDefSIG.footer', Configure::read('CyDefSIG.footerpart1') . ' ' . Configure::read('CyDefSIG.footerpart2'));
@@ -186,6 +185,7 @@ CakePlugin::load('SysLog');
 CakePlugin::load('Assets'); // having Logable
 CakePlugin::load('SysLogLogable');
 CakePlugin::load('MagicTools'); // having OrphansProtectable
+CakePlugin::load('UrlCache');
 
 /**
  * You can attach event listeners to the request lifecyle as Dispatcher Filter . By Default CakePHP bundles two filters:
diff --git a/app/Plugin/UrlCache/Lib/Routing/UrlCacheManager.php b/app/Plugin/UrlCache/Lib/Routing/UrlCacheManager.php
new file mode 100755
index 000000000..d78260c9f
--- /dev/null
+++ b/app/Plugin/UrlCache/Lib/Routing/UrlCacheManager.php
@@ -0,0 +1,158 @@
+<?php
+
+/**
+ * This class will statically hold in memory url's indexed by a custom hash
+ * 
+ * @licence MIT
+ * @modified Mark Scherer
+ * - now easier to integrate
+ * - optimization for `pageFiles` (still stores urls with only controller/action keys in global file)
+ * - can handle legacy `prefix` urls
+ * 
+ * 2012-02-13 ms
+ */
+class UrlCacheManager {
+	
+	/**
+	 * Holds all generated urls so far by the application indexed by a custom hash
+	 *
+	 */
+	public static $cache = array();
+	
+	/**
+	 * Holds all generated urls so far by the application indexed by a custom hash
+	 *
+	 */
+	public static $cachePage = array();
+	
+	/**
+	 * Holds all generated urls so far by the application indexed by a custom hash
+	 *
+	 */
+	public static $extras = array();
+	
+	/**
+	 * type for the current set (triggered by last get)
+	 */
+	public static $type = 'cache'; 
+	
+	/**
+	 * key for current get/set
+	 */
+	public static $key = null; 
+	
+	/**
+	 * cache key for pageFiles
+	 */
+	public static $cacheKey = 'url_map'; 
+	
+	/**
+	 * cache key for pageFiles
+	 */
+	public static $cachePageKey = null; 
+
+	/**
+	 * params that will always be present and will determine the global cache if pageFiles is used
+	 */
+	public static $paramFields = array('controller', 'plugin', 'action', 'prefix');
+
+	/**
+	 * should be called in beforeRender()
+	 * 
+	 */
+	public static function init(View $View) {
+		$params = $View->request->params;
+		if (Configure::read('UrlCache.pageFiles')) {
+		  $cachePageKey = '_misc';
+			if (is_object($View)) {
+				$path = $View->request->here;
+				if ($path == '/') {
+					$path = 'uc_homepage';
+				} else {
+					$path = strtolower(Inflector::slug($path));
+				}
+				if (empty($path)) {
+					$path = 'uc_error';
+				}
+				$cachePageKey = '_' . $path;
+			}
+			self::$cachePageKey = self::$cacheKey . $cachePageKey;
+			self::$cachePage = Cache::read(self::$cachePageKey, '_cake_core_');
+		}
+		self::$cache = Cache::read(self::$cacheKey, '_cake_core_');
+		
+		# still old "prefix true/false" syntax?
+		if (Configure::read('UrlCache.verbosePrefixes')) {
+			unset(self::$paramFields[3]);
+			self::$paramFields = array_merge(self::$paramFields, (array) Configure::read('Routing.prefixes'));
+		}
+		self::$extras = array_intersect_key($params, array_combine(self::$paramFields, self::$paramFields));
+		$defaults = array();
+		foreach (self::$paramFields as $field) {
+			$defaults[$field] = '';
+		}
+		self::$extras = array_merge($defaults, self::$extras);
+	}
+	
+	/**
+	 * should be called in afterLayout()
+	 * 
+	 */
+	public static function finalize() {
+		Cache::write(self::$cacheKey, self::$cache, '_cake_core_');
+		if (Configure::read('UrlCache.pageFiles') && !empty(self::$cachePage)) {
+			Cache::write(self::$cachePageKey, self::$cachePage, '_cake_core_');
+		}
+	}
+
+
+	/**
+	 * Returns the stored url if it was already generated, false otherwise
+	 *
+	 * @param string $key 
+	 * @return mixed
+	 */
+	public static function get($url, $full) {
+		$keyUrl = $url;
+		if (is_array($keyUrl)) {
+		  $keyUrl += self::$extras;
+		  # prevent different hashs on different orders
+		  ksort($keyUrl, SORT_STRING);
+		  # prevent different hashs on different types (int/string/bool)
+			foreach ($keyUrl as $key => $val) {
+				$keyUrl[$key] = (String) $val;
+			}
+		}
+		self::$key = md5(serialize($keyUrl) . $full);
+
+		if (Configure::read('UrlCache.pageFiles')) {
+			self::$type = 'cachePage';
+			if (is_array($keyUrl)) {
+				$res = array_diff_key($keyUrl, self::$extras);
+				if (empty($res)) {
+					self::$type = 'cache';
+				}
+			}
+			if (self::$type === 'cachePage') {
+				return isset(self::$cachePage[self::$key]) ? self::$cachePage[self::$key] : false;
+			}
+		}
+		return isset(self::$cache[self::$key]) ? self::$cache[self::$key] : false;
+	}
+
+	/**
+	 * Stores a ney key in memory cache
+	 *
+	 * @param string $key 
+	 * @param mixed data to be stored
+	 * @return void
+	 */
+	public static function set($data) {
+		if (Configure::read('UrlCache.pageFiles') && self::$type === 'cachePage') {
+			self::$cachePage[self::$key] = $data;
+		} else {
+			self::$cache[self::$key] = $data;
+		}
+	}
+	
+}
\ No newline at end of file
diff --git a/app/Plugin/UrlCache/View/Helper/UrlCacheAppHelper.php b/app/Plugin/UrlCache/View/Helper/UrlCacheAppHelper.php
new file mode 100755
index 000000000..afa93bfb2
--- /dev/null
+++ b/app/Plugin/UrlCache/View/Helper/UrlCacheAppHelper.php
@@ -0,0 +1,74 @@
+<?php
+
+/*
+* App Helper url caching
+* Copyright (c) 2009 Matt Curry
+* www.PseudoCoder.com
+* http://github.com/mcurry/cakephp/tree/master/snippets/app_helper_url
+* http://www.pseudocoder.com/archives/2009/02/27/how-to-save-half-a-second-on-every-cakephp-requestand-maintain-reverse-routing
+*
+* @author		Matt Curry <matt@pseudocoder.com>
+* @author		José Lorenzo Rodríguez
+* @license		MIT
+*
+* @modified 	Mark Scherer
+*/
+
+App::uses('Helper', 'View');
+App::uses('Inflector', 'Utility');
+App::uses('UrlCacheManager', 'UrlCache.Routing');
+
+class UrlCacheAppHelper extends Helper {
+
+	/**
+	 * This function is responsible for setting up the Url cache before the application starts generating urls in views
+	 *
+	 * @return void
+	 */
+	function beforeRender($viewFile) {
+		if (!Configure::read('UrlCache.active') || Configure::read('UrlCache.runtime.beforeRender')) {
+			return;
+		}
+
+		# todo: maybe lazy load with HtmlHelper::url()?
+		UrlCacheManager::init($this->_View);
+		Configure::write('UrlCache.runtime.beforeRender', true);
+	}
+
+	/**
+	 * This method will store the current generated urls into a persistent cache for next use
+	 *
+	 * @return void
+	 */
+	function afterLayout($layoutFile = null) {
+		if (!Configure::read('UrlCache.active') || Configure::read('UrlCache.runtime.afterLayout')) {
+			return;
+		}
+
+		UrlCacheManager::finalize();
+		Configure::write('UrlCache.runtime.afterLayout', true);
+	}
+
+	/**
+	 * Intercepts the parent url function to first look if the cache was already generated for the same params
+	 *
+	 * @param mixed $url url to generate using cakephp array syntax
+	 * @param boolean $full wheter to generate a full url or not (http scheme)
+	 * @return string
+	 * @see Helper::url()
+	 */
+	function url($url = null, $full = false) {
+		if (Configure::read('UrlCache.active')) {
+			if ($cachedUrl = UrlCacheManager::get($url, $full)) {
+				return $cachedUrl;
+			}
+		}
+
+		$routerUrl = h(Router::url($url, $full));
+		if (Configure::read('UrlCache.active')) {
+			UrlCacheManager::set($routerUrl);
+		}
+		return $routerUrl;
+	}
+
+}
diff --git a/app/View/Helper/AppHelper.php b/app/View/Helper/AppHelper.php
index e37a794e9..cad630f85 100755
--- a/app/View/Helper/AppHelper.php
+++ b/app/View/Helper/AppHelper.php
@@ -20,7 +20,9 @@
  * @license       MIT License (http://www.opensource.org/licenses/mit-license.php)
  */
 
-App::uses('Helper', 'View');
+App::uses('UrlCacheAppHelper', 'UrlCache.View/Helper');
+
+
 
 /**
  * Application helper
@@ -30,12 +32,13 @@ App::uses('Helper', 'View');
  *
  * @package       app.View.Helper
  */
-class AppHelper extends Helper {
+class AppHelper extends UrlCacheAppHelper {
 
 	public function url($url = null, $full = false) {
 		if (is_array($url) && !isset($url['admin'])) {
 			$url['admin'] = false;
 		}
-		return parent::url($url, $full);
+ 		return parent::url($url, $full);
+
 	}
 }