Merge branch 'develop' into feature/CakeResque

Also, more work on the background jobs
- started work on publishing
- started making the background jobs an optional setting in bootstrap

Conflicts:
	app/Controller/AppController.php
	app/Controller/EventsController.php
pull/217/head
iglocska 2013-12-04 11:58:01 +01:00
commit 50f3fa40d0
46 changed files with 1046 additions and 933 deletions

10
.gitignore vendored

@ -19,3 +19,13 @@
/cakephp /cakephp
/app/webroot/gpg.asc /app/webroot/gpg.asc
/app/Plugin/CakeResque/Config/bootstrap.php /app/Plugin/CakeResque/Config/bootstrap.php
/app/tmp/cached_exports/csv
/app/tmp/cached_exports/csv_all
/app/tmp/cached_exports/csv_sig
/app/tmp/cached_exports/md5
/app/tmp/cached_exports/sha1
/app/tmp/cached_exports/snort
/app/tmp/cached_exports/suricata
/app/tmp/cached_exports/text
/app/tmp/cached_exports/xml
/app/tmp/logs

35
.travis.yml Normal file

@ -0,0 +1,35 @@
language: php
php:
- 5.5
- 5.4
- 5.3
env:
- CAKE_VERSION=2.4.2 DB=mysql
- CAKE_VERSION=master DB=mysql
matrix:
allow_failures:
- php: 5.5
before_script:
- pecl install Crypt_GPG
- pecl install Net_GeoIP
- phpenv rehash
- sh -c "if [ '$DB' = 'mysql' ]; then mysql -e 'CREATE DATABASE misp_test;'; fi"
- git clone git://github.com/cakephp/cakephp ../cakephp && cd ../cakephp && git checkout $CAKE_VERSION
- chmod -R 777 ../cakephp/app/tmp
- echo "<?php
class DATABASE_CONFIG {
public \$test = array(
'datasource' => 'Database/Mysql',
'database' => 'misp_test',
'host' => '0.0.0.0',
'login' => 'travis',
'host' => '',
'persistent' => false
);
}" > app/Config/database.php
script:
- ./lib/Cake/Console/cake test app AllTests --stderr
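Review bot: The `git clone git://github.com/cakephp/cakephp` step in `before_script` fetches the framework over the unauthenticated, unencrypted git protocol, and the matrix entry `CAKE_VERSION=master` leaves the checked-out code unpinned, so the CI run has no transport integrity for the code it then executes. Cloning with `git clone https://github.com/cakephp/cakephp ../cakephp` would at least put the fetch under TLS. The generated `DATABASE_CONFIG` lists `'host'` twice, so the later `'host' => ''` overrides `'0.0.0.0'`; the second key was presumably meant to be `'password' => ''`. `chmod -R 777 ../cakephp/app/tmp` is wider than the test run appears to need and deserves a comment saying why world-writable is required, or a narrower mode.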

71
INSTALL/MYSQL.sql Executable file → Normal file

@ -13,13 +13,13 @@ CREATE TABLE IF NOT EXISTS `attributes` (
`value2` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, `value2` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
`to_ids` tinyint(1) NOT NULL DEFAULT '1', `to_ids` tinyint(1) NOT NULL DEFAULT '1',
`uuid` varchar(40) COLLATE utf8_bin NOT NULL, `uuid` varchar(40) COLLATE utf8_bin NOT NULL,
`timestamp` int(11) NOT NULL DEFAULT '0', `timestamp` int(11) DEFAULT '0',
`distribution` tinyint(4) NOT NULL DEFAULT '0', `distribution` tinyint(4) NOT NULL DEFAULT '0',
`comment` text COLLATE utf8_bin NOT NULL, `comment` text COLLATE utf8_bin,
PRIMARY KEY (`id`), PRIMARY KEY (`id`),
KEY `event_id` (`event_id`), KEY `event_id` (`event_id`),
KEY `uuid` (`uuid`) KEY `uuid` (`uuid`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin; ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
-- -------------------------------------------------------- -- --------------------------------------------------------
@ -68,7 +68,8 @@ CREATE TABLE IF NOT EXISTS `correlations` (
KEY `1_event_id` (`1_event_id`), KEY `1_event_id` (`1_event_id`),
KEY `1_attribute_id` (`1_attribute_id`), KEY `1_attribute_id` (`1_attribute_id`),
KEY `attribute_id` (`attribute_id`) KEY `attribute_id` (`attribute_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin; ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
-- -------------------------------------------------------- -- --------------------------------------------------------
-- --
@ -77,9 +78,9 @@ CREATE TABLE IF NOT EXISTS `correlations` (
CREATE TABLE IF NOT EXISTS `events` ( CREATE TABLE IF NOT EXISTS `events` (
`id` int(11) NOT NULL AUTO_INCREMENT, `id` int(11) NOT NULL AUTO_INCREMENT,
`threat_level_id` int(11) DEFAULT NULL,
`org` varchar(255) COLLATE utf8_bin NOT NULL, `org` varchar(255) COLLATE utf8_bin NOT NULL,
`date` date NOT NULL, `date` date NOT NULL,
`risk` enum('Undefined','Low','Medium','High') COLLATE utf8_bin NOT NULL,
`info` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, `info` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
`user_id` int(11) NOT NULL, `user_id` int(11) NOT NULL,
`published` tinyint(1) NOT NULL DEFAULT '0', `published` tinyint(1) NOT NULL DEFAULT '0',
@ -94,7 +95,7 @@ CREATE TABLE IF NOT EXISTS `events` (
PRIMARY KEY (`id`), PRIMARY KEY (`id`),
KEY `uuid` (`uuid`), KEY `uuid` (`uuid`),
FULLTEXT KEY `info` (`info`) FULLTEXT KEY `info` (`info`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin; ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
-- -------------------------------------------------------- -- --------------------------------------------------------
@ -115,13 +116,14 @@ CREATE TABLE IF NOT EXISTS `logs` (
`org` varchar(255) COLLATE utf8_bin DEFAULT NULL, `org` varchar(255) COLLATE utf8_bin DEFAULT NULL,
`description` varchar(255) COLLATE utf8_bin DEFAULT NULL, `description` varchar(255) COLLATE utf8_bin DEFAULT NULL,
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin; ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
-- -------------------------------------------------------- -- --------------------------------------------------------
-- --
-- Table structure for table `posts` -- Table structure for table `posts`
-- --
CREATE TABLE IF NOT EXISTS `posts` ( CREATE TABLE IF NOT EXISTS `posts` (
`id` int(11) NOT NULL AUTO_INCREMENT, `id` int(11) NOT NULL AUTO_INCREMENT,
`date_created` datetime NOT NULL, `date_created` datetime NOT NULL,
@ -131,7 +133,7 @@ CREATE TABLE IF NOT EXISTS `posts` (
`post_id` int(11) NOT NULL DEFAULT '0', `post_id` int(11) NOT NULL DEFAULT '0',
`thread_id` int(11) NOT NULL DEFAULT '0', `thread_id` int(11) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 ; ) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
-- -------------------------------------------------------- -- --------------------------------------------------------
@ -145,7 +147,7 @@ CREATE TABLE IF NOT EXISTS `regexp` (
`replacement` varchar(255) COLLATE utf8_bin NOT NULL, `replacement` varchar(255) COLLATE utf8_bin NOT NULL,
`type` varchar(100) COLLATE utf8_bin NOT NULL DEFAULT 'ALL', `type` varchar(100) COLLATE utf8_bin NOT NULL DEFAULT 'ALL',
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin; ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
-- -------------------------------------------------------- -- --------------------------------------------------------
@ -167,10 +169,10 @@ CREATE TABLE IF NOT EXISTS `roles` (
`perm_audit` tinyint(1) DEFAULT NULL, `perm_audit` tinyint(1) DEFAULT NULL,
`perm_full` tinyint(1) DEFAULT NULL, `perm_full` tinyint(1) DEFAULT NULL,
`perm_auth` tinyint(1) NOT NULL DEFAULT '0', `perm_auth` tinyint(1) NOT NULL DEFAULT '0',
`perm_regexp_access` TINYINT( 1 ) NOT NULL DEFAULT '0', `perm_regexp_access` tinyint(1) NOT NULL DEFAULT '0',
`perm_site_admin` TINYINT( 1 ) NOT NULL DEFAULT '0', `perm_site_admin` tinyint(1) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin; ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=5 ;
-- -------------------------------------------------------- -- --------------------------------------------------------
@ -189,7 +191,7 @@ CREATE TABLE IF NOT EXISTS `servers` (
`lastpulledid` int(11) NOT NULL, `lastpulledid` int(11) NOT NULL,
`lastpushedid` int(11) NOT NULL, `lastpushedid` int(11) NOT NULL,
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin; ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
-- -------------------------------------------------------- -- --------------------------------------------------------
@ -213,12 +215,14 @@ CREATE TABLE IF NOT EXISTS `shadow_attributes` (
KEY `event_id` (`event_id`), KEY `event_id` (`event_id`),
KEY `uuid` (`uuid`), KEY `uuid` (`uuid`),
KEY `old_id` (`old_id`) KEY `old_id` (`old_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin; ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
-- -------------------------------------------------------- -- --------------------------------------------------------
-- --
-- Table structure for table `threads` -- Table structure for table `threads`
-- --
CREATE TABLE IF NOT EXISTS `threads` ( CREATE TABLE IF NOT EXISTS `threads` (
`id` int(11) NOT NULL AUTO_INCREMENT, `id` int(11) NOT NULL AUTO_INCREMENT,
`date_created` datetime NOT NULL, `date_created` datetime NOT NULL,
@ -230,7 +234,22 @@ CREATE TABLE IF NOT EXISTS `threads` (
`title` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, `title` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
`org` varchar(255) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL, `org` varchar(255) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 ; ) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
-- --------------------------------------------------------
--
-- Table structure for table `threat_levels`
--
CREATE TABLE IF NOT EXISTS `threat_levels` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(50) NOT NULL,
`description` varchar(255) DEFAULT NULL,
`form_description` varchar(255) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
-- -------------------------------------------------------- -- --------------------------------------------------------
-- --
@ -255,7 +274,7 @@ CREATE TABLE IF NOT EXISTS `users` (
PRIMARY KEY (`id`), PRIMARY KEY (`id`),
KEY `email` (`email`), KEY `email` (`email`),
KEY `password` (`password`) KEY `password` (`password`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin; ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=2 ;
-- -------------------------------------------------------- -- --------------------------------------------------------
@ -267,7 +286,7 @@ CREATE TABLE IF NOT EXISTS `whitelist` (
`id` int(11) NOT NULL AUTO_INCREMENT, `id` int(11) NOT NULL AUTO_INCREMENT,
`name` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, `name` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin; ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
-- -------------------------------------------------------- -- --------------------------------------------------------
@ -275,9 +294,9 @@ CREATE TABLE IF NOT EXISTS `whitelist` (
-- Default values for initial installation -- Default values for initial installation
-- --
INSERT INTO `regexp` INSERT INTO `regexp`
(`regexp`, `replacement`) (`regexp`, `replacement`)
VALUES VALUES
('/.:.ProgramData./i','%ALLUSERSPROFILE%\\\\'), ('/.:.ProgramData./i','%ALLUSERSPROFILE%\\\\'),
('/.:.Documents and Settings.All Users./i','%ALLUSERSPROFILE%\\\\'), ('/.:.Documents and Settings.All Users./i','%ALLUSERSPROFILE%\\\\'),
('/.:.Program Files.Common Files./i','%COMMONPROGRAMFILES%\\\\'), ('/.:.Program Files.Common Files./i','%COMMONPROGRAMFILES%\\\\'),
@ -328,3 +347,17 @@ INSERT INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modi
VALUES ('4', 'Sync user', NOW(), NOW(), '1', '1', '1', '1', '1', '0', '1', '0', '1'); VALUES ('4', 'Sync user', NOW(), NOW(), '1', '1', '1', '1', '1', '0', '1', '0', '1');
-- -------------------------------------------------------- -- --------------------------------------------------------
--
-- Initial threat levels
--
INSERT INTO `threat_levels` (`id`, `name`, `description`, `form_description`)
VALUES
(1,'High','*high* means sophisticated APT malware or 0-day attack','Sophisticated APT malware or 0-day attack'),
(2,'Medium','*medium* means APT malware','APT malware'),
(3,'Low','*low* means mass-malware','Mass-malware'),
(4,'Undefined','*undefined* no risk','No risk');
-- --------------------------------------------------------
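Review bot: The seed row `(4,'Undefined','*undefined* no risk','No risk')` in the new `threat_levels` insert equates an unassessed event with a harmless one, which can mislead anyone triaging on that label. Wording such as `(4,'Undefined','*undefined* means the threat level has not been assessed','Not assessed')` keeps the two apart. In the `events` hunk, `threat_level_id` is added as `int(11) DEFAULT NULL` with no index, and it points at a `threat_levels` table created as `ENGINE=InnoDB DEFAULT CHARSET=latin1` while `events` stays MyISAM/utf8_bin, so the relation is unenforced and the text columns differ in charset from the rest of the schema. Because every table here is `CREATE TABLE IF NOT EXISTS`, an existing database will neither gain `threat_level_id` nor lose `risk` from this file; an upgrade script that maps the old enum values is needed unless one exists elsewhere in the commit.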


@ -1,27 +0,0 @@
<?php
class DbCorrelationSchema extends CakeSchema {
public $name = 'DbCorrelation';
public function before($event = array()) {
return true;
}
public function after($event = array()) {
}
public $correlations = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'1_event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'1_attribute_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'1_private' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'attribute_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
'cluster' => array('type' => 'boolean', 'null' => false, 'default' => null),
'date' => array('type' => 'date', 'null' => false, 'default' => null),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
}


@ -1,28 +0,0 @@
<?php
class DbLogSchema extends CakeSchema {
public $name = 'DbLog';
public function before($event = array()) {
return true;
}
public function after($event = array()) {
}
public $logs = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'title' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'created' => array('type' => 'datetime', 'null' => true, 'default' => null),
'model' => array('type' => 'string', 'null' => true, 'default' => null, 'length' => 20, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'model_id' => array('type' => 'integer', 'null' => true, 'default' => null),
'action' => array('type' => 'string', 'null' => true, 'default' => null, 'length' => 20, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'user_id' => array('type' => 'integer', 'null' => true, 'default' => null),
'change' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'email' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'org' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'description' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
}


@ -1,21 +0,0 @@
-- Audit, log table
-- works in conjunction with:
-- https://github.com/alkemann/CakePHP-Assets/wiki
-- also described at:
-- http://bakery.cakephp.org/articles/alkemann/2008/10/21/logablebehavior
DROP TABLE logs;
CREATE TABLE logs (
id int(11) NOT NULL AUTO_INCREMENT,
title varchar(255),
created DATETIME,
description varchar(255),
model varchar(20),
model_id int(11),
action varchar(20),
user_id int(11),
`change` varchar(255),
email varchar(255),
org varchar(255) COLLATE utf8_bin,
PRIMARY KEY (id)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=2 ;


@ -1,20 +0,0 @@
<?php
class DbRegexpSchema extends CakeSchema {
public $name = 'DbRegexp';
public function before($event = array()) {
return true;
}
public function after($event = array()) {
}
public $regexp = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'regexp' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 255, 'collate' => 'latin1_swedish_ci', 'charset' => 'latin1'),
'replacement' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 255, 'collate' => 'latin1_swedish_ci', 'charset' => 'latin1'),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
}


@ -1,49 +0,0 @@
<?php
class DbRoleSchema extends CakeSchema {
public $name = 'DbRole';
public function before($event = array()) {
return true;
}
public function after($event = array()) {
if (isset($event['create'])) {
switch ($event['create']) {
case 'roles':
// populate roles
//$roles = ClassRegistry::init('Role');
//$roles->create();
//$roles->save(array('Role' => array('name' => 'malware analyst', 'perm_add' => true, 'perm_modify' => true, 'perm_publish' => false, 'perm_full' => false)));
//$roles->create();
//$roles->save(array('Role' => array('name' => 'admin', 'perm_add' => true, 'perm_modify' => true, 'perm_publish' => true, 'perm_full' => true)));
//$roles->create();
//$roles->save(array('Role' => array('name' => 'IDS analyst', 'perm_add' => true, 'perm_modify' => true, 'perm_publish' => true, 'perm_full' => false)));
//$roles->create();
//$roles->save(array('Role' => array('name' => 'guest', 'perm_add' => false, 'perm_modify' => false, 'perm_publish' => false, 'perm_full' => false)));
// populate Users.role_id
//$users = ClassRegistry::init('User');
//$user = $users->read(null, '1');
//$users->saveField('role_id', '2'); // $user['User']['role_id'] = '2';
break;
}
}
}
public $roles = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'name' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'latin1_swedish_ci', 'charset' => 'latin1'),
'created' => array('type' => 'datetime', 'null' => true, 'default' => null),
'modified' => array('type' => 'datetime', 'null' => true, 'default' => null),
'perm_add' => array('type' => 'boolean', 'null' => true, 'default' => null),
'perm_modify' => array('type' => 'boolean', 'null' => true, 'default' => null),
'perm_modify_org' => array('type' => 'boolean', 'null' => true, 'default' => null),
'perm_publish' => array('type' => 'boolean', 'null' => true, 'default' => null),
'perm_sync' => array('type' => 'boolean', 'null' => true, 'default' => null),
'perm_admin' => array('type' => 'boolean', 'null' => true, 'default' => null),
'perm_audit' => array('type' => 'boolean', 'null' => true, 'default' => null),
'perm_full' => array('type' => 'boolean', 'null' => true, 'default' => null),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
'tableParameters' => array('charset' => 'latin1', 'collate' => 'latin1_swedish_ci', 'engine' => 'InnoDB')
);
}


@ -1,32 +0,0 @@
-- ACL, role table
-- works in conjunction with: CakePHP AclComponent
CREATE TABLE roles (
id INT(11) NOT NULL AUTO_INCREMENT PRIMARY KEY,
name VARCHAR(100) NOT NULL,
perm_add boolean,
perm_modify boolean,
perm_modify_org boolean,
perm_publish boolean,
perm_full boolean,
created DATETIME,
modified DATETIME
);
-- ALTER TABLE users ADD COLUMN role_id INT(11);
-- data of Roles
-- INSERT INTO roles (name,perm_add,perm_modify,perm_publish,perm_full) VALUES ('malware analyst',true,true,false,false);
-- INSERT INTO roles (name,perm_add,perm_modify,perm_publish,perm_full) VALUES ('admin',true,true,true,true);
-- INSERT INTO roles (name,perm_add,perm_modify,perm_publish,perm_full) VALUES ('IDS analyst',true,true,true,false);
-- INSERT INTO roles (name,perm_add,perm_modify,perm_publish,perm_full) VALUES ('guest',false,false,false,false);
-- CakePHP AclComponent acor & aros tables
-- aros table (should be auto generated on role create)
-- INSERT INTO aros (model,foreign_key,lft,rght) VALUES ('Role',1,1,2);
-- INSERT INTO aros (model,foreign_key,lft,rght) VALUES ('Role',2,3,4);
-- INSERT INTO aros (model,foreign_key,lft,rght) VALUES ('Role',3,5,6);
-- INSERT INTO aros (model,foreign_key,lft,rght) VALUES ('Role',4,7,8);
-- aros_acos


@ -1,19 +0,0 @@
<?php
class DbWhitelistSchema extends CakeSchema {
public $name = 'DbWhitelist';
public function before($event = array()) {
return true;
}
public function after($event = array()) {
}
public $whitelist = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'name' => array('type' => 'text', 'null' => false, 'default' => null, 'key' => 'index', 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
}


@ -1,8 +1,6 @@
<?php <?php
class AppSchema extends CakeSchema { class AppSchema extends CakeSchema {
public $file = 'schema_0.2.3.php';
public function before($event = array()) { public function before($event = array()) {
return true; return true;
} }
@ -13,17 +11,20 @@ class AppSchema extends CakeSchema {
public $attributes = array( public $attributes = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'), 'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'), 'event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'type' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'category' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), 'category' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'value1' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), 'type' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'value1' => array('type' => 'text', 'null' => false, 'default' => null, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'value2' => array('type' => 'text', 'null' => false, 'default' => null, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'to_ids' => array('type' => 'boolean', 'null' => false, 'default' => '1'), 'to_ids' => array('type' => 'boolean', 'null' => false, 'default' => '1'),
'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'), 'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'revision' => array('type' => 'integer', 'null' => false, 'default' => '0', 'length' => 10), 'timestamp' => array('type' => 'integer', 'null' => true, 'default' => '0'),
'private' => array('type' => 'boolean', 'null' => false, 'default' => null), 'distribution' => array('type' => 'integer', 'null' => false, 'default' => '0', 'length' => 4),
'value2' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), 'comment' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'cluster' => array('type' => 'boolean', 'null' => false, 'default' => null), 'indexes' => array(
'communitie' => array('type' => 'boolean', 'null' => false, 'default' => null), 'PRIMARY' => array('column' => 'id', 'unique' => 1),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'event_id' => array('column' => 'event_id', 'unique' => 0), 'uuid' => array('column' => 'uuid', 'unique' => 0)), 'event_id' => array('column' => 'event_id', 'unique' => 0),
'uuid' => array('column' => 'uuid', 'unique' => 0)
),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM') 'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
); );
@ -31,41 +32,33 @@ class AppSchema extends CakeSchema {
'ip' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), 'ip' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'username' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), 'username' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'expire' => array('type' => 'datetime', 'null' => false, 'default' => null), 'expire' => array('type' => 'datetime', 'null' => false, 'default' => null),
'indexes' => array(), 'indexes' => array(
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
); ),
public $correlations = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'1_event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'1_attribute_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'1_private' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'attribute_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
'cluster' => array('type' => 'boolean', 'null' => false, 'default' => null),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'uuid' => array('column' => 'uuid', 'unique' => 0), 'info' => array('column' => 'info', 'unique' => 0)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM') 'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
); );
public $events = array( public $events = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'), 'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'threat_level_id' => array('type' => 'integer', 'null' => true, 'default' => null),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), 'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'date' => array('type' => 'date', 'null' => false, 'default' => null), 'date' => array('type' => 'date', 'null' => false, 'default' => null),
//'risk' ENUM
'info' => array('type' => 'text', 'null' => false, 'default' => null, 'key' => 'index', 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'), 'info' => array('type' => 'text', 'null' => false, 'default' => null, 'key' => 'index', 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'user_id' => array('type' => 'integer', 'null' => false, 'default' => null), 'user_id' => array('type' => 'integer', 'null' => false, 'default' => null),
//'alerted' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
'published' => array('type' => 'boolean', 'null' => false, 'default' => '0'), 'published' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'revision' => array('type' => 'boolean', 'null' => false, 'default' => null), 'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'cluster' => array('type' => 'boolean', 'null' => false, 'default' => null), 'attribute_count' => array('type' => 'integer', 'null' => false, 'default' => null),
'communitie' => array('type' => 'boolean', 'null' => false, 'default' => null), 'analysis' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 4),
'attribute_count' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 11), 'orgc' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'hop_count' => array('type' => 'integer', 'null' => false, 'default' => '0', 'length' => 11), 'timestamp' => array('type' => 'integer', 'null' => false, 'default' => '0'),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'uuid' => array('column' => 'uuid', 'unique' => 0), 'info' => array('column' => 'info', 'unique' => 0)), 'distribution' => array('type' => 'integer', 'null' => false, 'default' => '0', 'length' => 4),
'proposal_email_lock' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'locked' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'indexes' => array(
'PRIMARY' => array('column' => 'id', 'unique' => 1),
'uuid' => array('column' => 'uuid', 'unique' => 0),
'info' => array('column' => 'info', 'type' => 'fulltext')
),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM') 'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
); );
@ -81,30 +74,57 @@ class AppSchema extends CakeSchema {
'email' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), 'email' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'org' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), 'org' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'description' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), 'description' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)), 'indexes' => array(
'PRIMARY' => array('column' => 'id', 'unique' => 1)
),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM') 'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
); );
public $regex = array( public $posts = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'), 'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'regex' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 255, 'collate' => 'utf8_bin', 'charset' => 'utf8'), 'date_created' => array('type' => 'datetime', 'null' => false, 'default' => null),
'replacement' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 255, 'collate' => 'utf8_bin', 'charset' => 'utf8'), 'date_modified' => array('type' => 'datetime', 'null' => false, 'default' => null),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)), 'user_id' => array('type' => 'integer', 'null' => false, 'default' => null),
'contents' => array('type' => 'text', 'null' => false, 'default' => null, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'post_id' => array('type' => 'integer', 'null' => false, 'default' => '0'),
'thread_id' => array('type' => 'integer', 'null' => false, 'default' => '0'),
'indexes' => array(
'PRIMARY' => array('column' => 'id', 'unique' => 1)
),
'tableParameters' => array('charset' => 'latin1', 'collate' => 'latin1_swedish_ci', 'engine' => 'InnoDB')
);
public $regexp = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'regexp' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'replacement' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'type' => array('type' => 'string', 'null' => false, 'default' => 'ALL', 'length' => 100, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'indexes' => array(
'PRIMARY' => array('column' => 'id', 'unique' => 1)
),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM') 'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
); );
public $roles = array( public $roles = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'), 'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'name' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'latin1_swedish_ci', 'charset' => 'latin1'), 'name' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'created' => array('type' => 'datetime', 'null' => true, 'default' => null), 'created' => array('type' => 'datetime', 'null' => true, 'default' => null),
'modified' => array('type' => 'datetime', 'null' => true, 'default' => null), 'modified' => array('type' => 'datetime', 'null' => true, 'default' => null),
'perm_add' => array('type' => 'boolean', 'null' => true, 'default' => null), 'perm_add' => array('type' => 'boolean', 'null' => true, 'default' => null),
'perm_modify' => array('type' => 'boolean', 'null' => true, 'default' => null), 'perm_modify' => array('type' => 'boolean', 'null' => true, 'default' => null),
'perm_modify_org' => array('type' => 'boolean', 'null' => true, 'default' => null),
'perm_publish' => array('type' => 'boolean', 'null' => true, 'default' => null), 'perm_publish' => array('type' => 'boolean', 'null' => true, 'default' => null),
'perm_sync' => array('type' => 'boolean', 'null' => true, 'default' => null),
'perm_admin' => array('type' => 'boolean', 'null' => true, 'default' => null),
'perm_audit' => array('type' => 'boolean', 'null' => true, 'default' => null),
'perm_full' => array('type' => 'boolean', 'null' => true, 'default' => null), 'perm_full' => array('type' => 'boolean', 'null' => true, 'default' => null),
'perm_auth' => array('type' => 'boolean', 'null' => true, 'default' => null), 'perm_auth' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)), 'perm_regexp_access' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'tableParameters' => array('charset' => 'latin1', 'collate' => 'latin1_swedish_ci', 'engine' => 'InnoDB') 'perm_site_admin' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'indexes' => array(
'PRIMARY' => array('column' => 'id', 'unique' => 1)
),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
); );
public $servers = array( public $servers = array(
@ -117,15 +137,65 @@ class AppSchema extends CakeSchema {
'pull' => array('type' => 'boolean', 'null' => false, 'default' => null), 'pull' => array('type' => 'boolean', 'null' => false, 'default' => null),
'lastpulledid' => array('type' => 'integer', 'null' => false, 'default' => null), 'lastpulledid' => array('type' => 'integer', 'null' => false, 'default' => null),
'lastpushedid' => array('type' => 'integer', 'null' => false, 'default' => null), 'lastpushedid' => array('type' => 'integer', 'null' => false, 'default' => null),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)), 'indexes' => array(
'PRIMARY' => array('column' => 'id', 'unique' => 1)
),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM') 'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
); );
public $shadow_attributes = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'old_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'type' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'category' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'value1' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'to_ids' => array('type' => 'boolean', 'null' => false, 'default' => '1'),
'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'value2' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'email' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'indexes' => array(
'PRIMARY' => array('column' => 'id', 'unique' => 1),
'event_id' => array('column' => 'event_id', 'unique' => 0),
'uuid' => array('column' => 'uuid', 'unique' => 0),
'old_id' => array('column' => 'old_id', 'unique' => 0)
),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $threads = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'date_created' => array('type' => 'datetime', 'null' => false, 'default' => null),
'date_modified' => array('type' => 'datetime', 'null' => false, 'default' => null),
'distribution' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 4),
'user_id' => array('type' => 'integer', 'null' => false, 'default' => null),
'post_count' => array('type' => 'integer', 'null' => false, 'default' => null),
'event_id' => array('type' => 'integer', 'null' => false, 'default' => null),
'title' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'indexes' => array(
'PRIMARY' => array('column' => 'id', 'unique' => 1)
),
'tableParameters' => array('charset' => 'latin1', 'collate' => 'latin1_swedish_ci', 'engine' => 'InnoDB')
);
public $threat_levels = array(
'id' => array('type' => 'boolean', 'null' => false, 'default' => null, 'key' => 'primary'),
'name' => array('type' => 'string', 'null' => false, 'length' => 50, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'description' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'form_description' => array('type' => 'string', 'null' => false, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'indexes' => array(
'PRIMARY' => array('column' => 'id', 'unique' => 1)
),
'tableParameters' => array('charset' => 'latin1', 'collate' => 'latin1_swedish_ci', 'engine' => 'InnoDB')
);
public $users = array( public $users = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'), 'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'password' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'), 'password' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), 'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'email' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), 'email' => array('type' => 'string', 'null' => false, 'default' => null, 'key' => 'index', 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'autoalert' => array('type' => 'boolean', 'null' => false, 'default' => null), 'autoalert' => array('type' => 'boolean', 'null' => false, 'default' => null),
'authkey' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'collate' => 'utf8_bin', 'charset' => 'utf8'), 'authkey' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'invited_by' => array('type' => 'integer', 'null' => false, 'default' => null), 'invited_by' => array('type' => 'integer', 'null' => false, 'default' => null),
@ -133,15 +203,24 @@ class AppSchema extends CakeSchema {
'nids_sid' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 15), 'nids_sid' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 15),
'termsaccepted' => array('type' => 'boolean', 'null' => false, 'default' => null), 'termsaccepted' => array('type' => 'boolean', 'null' => false, 'default' => null),
'newsread' => array('type' => 'date', 'null' => false, 'default' => null), 'newsread' => array('type' => 'date', 'null' => false, 'default' => null),
'role_id' => array('type' => 'integer', 'null' => true, 'default' => null), 'role_id' => array('type' => 'integer', 'null' => false, 'default' => null),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'username' => array('column' => 'password', 'unique' => 0)), 'change_pw' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 4),
'contactalert' => array('type' => 'boolean', 'null' => false, 'default' => null),
'indexes' => array(
'PRIMARY' => array('column' => 'id', 'unique' => 1),
'email' => array('column' => 'email', 'unique' => 0),
'password' => array('column' => 'password', 'unique' => 0)
),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM') 'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
); );
public $whitelists = array( public $whitelist = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'), 'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'name' => array('type' => 'text', 'null' => false, 'default' => null, 'key' => 'index', 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'), 'name' => array('type' => 'text', 'null' => false, 'default' => null, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)), 'indexes' => array(
'PRIMARY' => array('column' => 'id', 'unique' => 1)
),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM') 'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
); );
} }


@ -1,77 +0,0 @@
<?php
class AppSchema extends CakeSchema {
public $file = 'schema_0.2.1.1.php';
public function before($event = array()) {
return true;
}
public function after($event = array()) {
}
public $attributes = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'type' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'category' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'value1' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'to_ids' => array('type' => 'boolean', 'null' => false, 'default' => '1'),
'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'revision' => array('type' => 'integer', 'null' => false, 'default' => '0', 'length' => 10),
'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
'value2' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'event_id' => array('column' => 'event_id', 'unique' => 0), 'uuid' => array('column' => 'uuid', 'unique' => 0)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $bruteforces = array(
'ip' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'username' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'expire' => array('type' => 'datetime', 'null' => false, 'default' => null),
'indexes' => array(),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $events = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'date' => array('type' => 'date', 'null' => false, 'default' => null),
'info' => array('type' => 'text', 'null' => false, 'default' => null, 'key' => 'index', 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'user_id' => array('type' => 'integer', 'null' => false, 'default' => null),
'alerted' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
'published' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'uuid' => array('column' => 'uuid', 'unique' => 0), 'info' => array('column' => 'info', 'unique' => 0)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $servers = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'url' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'authkey' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'push' => array('type' => 'boolean', 'null' => false, 'default' => null),
'pull' => array('type' => 'boolean', 'null' => false, 'default' => null),
'lastfetchedid' => array('type' => 'integer', 'null' => false, 'default' => null),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $users = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'password' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'email' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'autoalert' => array('type' => 'boolean', 'null' => false, 'default' => null),
'authkey' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'invited_by' => array('type' => 'integer', 'null' => false, 'default' => null),
'gpgkey' => array('type' => 'text', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'nids_sid' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 15),
'termsaccepted' => array('type' => 'boolean', 'null' => false, 'default' => null),
'newsread' => array('type' => 'date', 'null' => false, 'default' => null),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'username' => array('column' => 'password', 'unique' => 0)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
}


@ -1,126 +0,0 @@
<?php
class AppSchema extends CakeSchema {
public $file = 'schema_0.2.2.1.php';
public function before($event = array()) {
return true;
}
public function after($event = array()) {
if (isset($event['update'])) {
switch ($event['update']) {
case 'users':
// TDDO Schema,Users.role_id is not here
break;
}
}
}
public $attributes = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'type' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'category' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'value1' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'to_ids' => array('type' => 'boolean', 'null' => false, 'default' => '1'),
'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'revision' => array('type' => 'integer', 'null' => false, 'default' => '0', 'length' => 10),
'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
'value2' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'cluster' => array('type' => 'boolean', 'null' => false, 'default' => null),
'communitie' => array('type' => 'boolean', 'null' => false, 'default' => null),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'event_id' => array('column' => 'event_id', 'unique' => 0), 'uuid' => array('column' => 'uuid', 'unique' => 0)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $bruteforces = array(
'ip' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'username' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'expire' => array('type' => 'datetime', 'null' => false, 'default' => null),
'indexes' => array(),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $correlations = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'1_event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'1_attribute_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'1_private' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'attribute_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
'cluster' => array('type' => 'boolean', 'null' => false, 'default' => null),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'uuid' => array('column' => 'uuid', 'unique' => 0), 'info' => array('column' => 'info', 'unique' => 0)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $events = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'date' => array('type' => 'date', 'null' => false, 'default' => null),
//'risk' ENUM
'info' => array('type' => 'text', 'null' => false, 'default' => null, 'key' => 'index', 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'user_id' => array('type' => 'integer', 'null' => false, 'default' => null),
//'alerted' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
'published' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'revision' => array('type' => 'boolean', 'null' => false, 'default' => null),
'cluster' => array('type' => 'boolean', 'null' => false, 'default' => null),
'communitie' => array('type' => 'boolean', 'null' => false, 'default' => null),
'attribute_count' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 11),
'hop_count' => array('type' => 'integer', 'null' => false, 'default' => '0', 'length' => 11),
'analysis' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 4),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'uuid' => array('column' => 'uuid', 'unique' => 0), 'info' => array('column' => 'info', 'unique' => 0)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $regexp = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'regexp' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 255, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'replacement' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 255, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $servers = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'url' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'authkey' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'organization' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 10, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'push' => array('type' => 'boolean', 'null' => false, 'default' => null),
'pull' => array('type' => 'boolean', 'null' => false, 'default' => null),
'lastpulledid' => array('type' => 'integer', 'null' => false, 'default' => null),
'lastpushedid' => array('type' => 'integer', 'null' => false, 'default' => null),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $users = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'password' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'email' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'autoalert' => array('type' => 'boolean', 'null' => false, 'default' => null),
'authkey' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'invited_by' => array('type' => 'integer', 'null' => false, 'default' => null),
'gpgkey' => array('type' => 'text', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'nids_sid' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 15),
'termsaccepted' => array('type' => 'boolean', 'null' => false, 'default' => null),
'newsread' => array('type' => 'date', 'null' => false, 'default' => null),
'role_id' => array('type' => 'integer', 'null' => true, 'default' => null),
'change_pw' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 1),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'username' => array('column' => 'password', 'unique' => 0)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $whitelists = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'name' => array('type' => 'text', 'null' => false, 'default' => null, 'key' => 'index', 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
}


@ -1,79 +0,0 @@
<?php
class AppSchema extends CakeSchema {
public $file = 'schema_0.2.2.php';
public function before($event = array()) {
return true;
}
public function after($event = array()) {
}
public $attributes = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'type' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'category' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'value1' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'to_ids' => array('type' => 'boolean', 'null' => false, 'default' => '1'),
'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'revision' => array('type' => 'integer', 'null' => false, 'default' => '0', 'length' => 10),
'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
'value2' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'event_id' => array('column' => 'event_id', 'unique' => 0), 'uuid' => array('column' => 'uuid', 'unique' => 0)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $bruteforces = array(
'ip' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'username' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'expire' => array('type' => 'datetime', 'null' => false, 'default' => null),
'indexes' => array(),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $events = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'date' => array('type' => 'date', 'null' => false, 'default' => null),
//'risk' ENUM
'info' => array('type' => 'text', 'null' => false, 'default' => null, 'key' => 'index', 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'user_id' => array('type' => 'integer', 'null' => false, 'default' => null),
'alerted' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
'published' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'uuid' => array('column' => 'uuid', 'unique' => 0), 'info' => array('column' => 'info', 'unique' => 0)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $servers = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'url' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'authkey' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'push' => array('type' => 'boolean', 'null' => false, 'default' => null),
'pull' => array('type' => 'boolean', 'null' => false, 'default' => null),
'lastpulledid' => array('type' => 'integer', 'null' => false, 'default' => null),
'lastpushedid' => array('type' => 'integer', 'null' => false, 'default' => null),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $users = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'password' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'email' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'autoalert' => array('type' => 'boolean', 'null' => false, 'default' => null),
'authkey' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'invited_by' => array('type' => 'integer', 'null' => false, 'default' => null),
'gpgkey' => array('type' => 'text', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'nids_sid' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 15),
'termsaccepted' => array('type' => 'boolean', 'null' => false, 'default' => null),
'newsread' => array('type' => 'date', 'null' => false, 'default' => null),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'username' => array('column' => 'password', 'unique' => 0)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
}


@ -53,7 +53,7 @@
// Activate REST // Activate REST
Router::mapResources(array('events', 'attributes')); Router::mapResources(array('events', 'attributes'));
Router::parseExtensions('xml'); Router::parseExtensions('xml', 'json');
/** /**
* Load all plugin routes. See the CakePlugin documentation on * Load all plugin routes. See the CakePlugin documentation on
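Review bot: Nothing visible here limits the newly accepted `.json` extension to controllers that have a JSON rendering path with the same field filtering as the XML one; `Router::parseExtensions('xml', 'json')` applies to every route, not only the `events` and `attributes` resources mapped on the line above. If the XML views are where per-organisation or per-role filtering of event and attribute fields happens (an assumption, since the controllers and views are outside this hunk), a `.json` request needs an equivalent explicit view or serialisation whitelist, not a default dump of the view variables. I would record that next to the call, e.g. `// Activate REST (XML and JSON); both formats must apply the same access filtering`. The routes file continues before and after the hunk, so any extension handling elsewhere in it is not visible here.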


@ -5,7 +5,7 @@ App::uses('File', 'Utility');
require_once 'AppShell.php'; require_once 'AppShell.php';
class EventShell extends AppShell class EventShell extends AppShell
{ {
public $uses = array('Event', 'Attribute', 'Job'); public $uses = array('Event', 'Attribute', 'Job', 'User');
public function doPublish() { public function doPublish() {
$id = $this->args[0]; $id = $this->args[0];
@ -98,7 +98,11 @@ class EventShell extends AppShell
} }
$xmlObject = Xml::fromArray($xmlArray, array('format' => 'tags')); $xmlObject = Xml::fromArray($xmlArray, array('format' => 'tags'));
$dir = new Folder(APP . DS . '/tmp/cached_exports/xml'); $dir = new Folder(APP . DS . '/tmp/cached_exports/xml');
$file = new File($dir->pwd() . DS . 'misp.xml' . '.' . $org . '.xml'); if ($isSiteAdmin) {
$file = new File($dir->pwd() . DS . 'misp.xml' . '.ADMIN.xml');
} else {
$file = new File($dir->pwd() . DS . 'misp.xml' . '.' . $org . '.xml');
}
$file->write($xmlObject->asXML()); $file->write($xmlObject->asXML());
$file->close(); $file->close();
$this->Job->saveField('progress', '100'); $this->Job->saveField('progress', '100');
@ -114,7 +118,11 @@ class EventShell extends AppShell
$rules = $this->Attribute->hids($isSiteAdmin, $org, $extra); $rules = $this->Attribute->hids($isSiteAdmin, $org, $extra);
$this->Job->saveField('progress', 80); $this->Job->saveField('progress', 80);
$dir = new Folder(APP . DS . '/tmp/cached_exports/' . $extra); $dir = new Folder(APP . DS . '/tmp/cached_exports/' . $extra);
$file = new File($dir->pwd() . DS . 'misp.' . $extra . '.' . $org . '.txt'); if ($isSiteAdmin) {
$file = new File($dir->pwd() . DS . 'misp.' . $extra . '.ADMIN.txt');
} else {
$file = new File($dir->pwd() . DS . 'misp.' . $extra . '.' . $org . '.txt');
}
$file->write(''); $file->write('');
foreach ($rules as $rule) { foreach ($rules as $rule) {
$file->append($rule . PHP_EOL); $file->append($rule . PHP_EOL);
@ -144,7 +152,11 @@ class EventShell extends AppShell
$final[] = $attribute['Attribute']['uuid'] . ',' . $attribute['Attribute']['event_id'] . ',' . $attribute['Attribute']['category'] . ',' . $attribute['Attribute']['type'] . ',' . $attribute['Attribute']['value']; $final[] = $attribute['Attribute']['uuid'] . ',' . $attribute['Attribute']['event_id'] . ',' . $attribute['Attribute']['category'] . ',' . $attribute['Attribute']['type'] . ',' . $attribute['Attribute']['value'];
} }
$dir = new Folder(APP . DS . '/tmp/cached_exports/' . $extra); $dir = new Folder(APP . DS . '/tmp/cached_exports/' . $extra);
$file = new File($dir->pwd() . DS . 'misp.' . $extra . '.' . $org . '.csv'); if ($isSiteAdmin) {
$file = new File($dir->pwd() . DS . 'misp.' . $extra . '.ADMIN.csv');
} else {
$file = new File($dir->pwd() . DS . 'misp.' . $extra . '.' . $org . '.csv');
}
$file->write(''); $file->write('');
foreach ($final as $line) { foreach ($final as $line) {
$file->append($line . PHP_EOL); $file->append($line . PHP_EOL);
@ -164,7 +176,11 @@ class EventShell extends AppShell
$dir = new Folder(APP . DS . '/tmp/cached_exports/text'); $dir = new Folder(APP . DS . '/tmp/cached_exports/text');
foreach ($types as $k => $type) { foreach ($types as $k => $type) {
$final = $this->Attribute->text($org, $isSiteAdmin, $type); $final = $this->Attribute->text($org, $isSiteAdmin, $type);
$file = new File($dir->pwd() . DS . 'misp.text_' . $type . '.' . $org . '.txt'); if ($isSiteAdmin) {
$file = new File($dir->pwd() . DS . 'misp.text_' . $type . '.ADMIN.txt');
} else {
$file = new File($dir->pwd() . DS . 'misp.text_' . $type . '.' . $org . '.txt');
}
$file->write(''); $file->write('');
foreach ($final as $attribute) { foreach ($final as $attribute) {
$file->append($attribute['Attribute']['value'] . PHP_EOL); $file->append($attribute['Attribute']['value'] . PHP_EOL);
@ -185,7 +201,11 @@ class EventShell extends AppShell
$eventIds = $this->Event->fetchEventIds($org, $isSiteAdmin); $eventIds = $this->Event->fetchEventIds($org, $isSiteAdmin);
$eventCount = count($eventIds); $eventCount = count($eventIds);
$dir = new Folder(APP . DS . '/tmp/cached_exports/' . $format); $dir = new Folder(APP . DS . '/tmp/cached_exports/' . $format);
$file = new File($dir->pwd() . DS . 'misp.' . $format . '.' . $org . '.rules'); if ($isSiteAdmin) {
$file = new File($dir->pwd() . DS . 'misp.' . $format . '.ADMIN.rules');
} else {
$file = new File($dir->pwd() . DS . 'misp.' . $format . '.' . $org . '.rules');
}
$file->write(''); $file->write('');
foreach ($eventIds as $k => $eventId) { foreach ($eventIds as $k => $eventId) {
if ($k == 0) { if ($k == 0) {
@ -203,5 +223,16 @@ class EventShell extends AppShell
$file->close(); $file->close();
$this->Job->saveField('progress', '100'); $this->Job->saveField('progress', '100');
} }
public function alertemail() {
$org = $this->args[0];
$isSiteAdmin = $this->args[1];
$ProcessId = $this->args[2];
$this->Job->id = $ProcessId;
$eventId = $this->args[3];
$result = $this->Event->sendAlertEmail($eventId, $org, $isSiteAdmin, $ProcessId);
$this->Job->saveField('progress', '100');
if ($result != true) $this->Job->saveField('message', 'Job done.');
}
} }
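Review bot: The new site-admin cache file shares one naming scheme with the per-organisation files, so in the XML export hunk (and in the identical `if ($isSiteAdmin)` branch of the hids, csv, text and NIDS rules hunks) an organisation whose name is literally `ADMIN` would map to `misp.xml.ADMIN.xml`, the file written for the site-admin view. `$org` is also concatenated into the path as-is; whether organisation names are limited to filename-safe characters is not visible here, so a value containing a directory separator should be rejected before the `File` object is created. I would keep the two cases in separate namespaces, e.g. `$suffix = $isSiteAdmin ? 'ADMIN' : 'ORG.' . $org;` and build all five filenames from `$suffix`, with the code that serves the cached exports using the same mapping. The enclosing export methods start and end outside these hunks.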


@ -70,7 +70,7 @@ class AppController extends Controller {
public function beforeFilter() { public function beforeFilter() {
// REST authentication // REST authentication
if ($this->_isRest()) { if ($this->_isRest() || $this->isJson()) {
// disable CSRF for REST access // disable CSRF for REST access
if (array_key_exists('Security', $this->components)) if (array_key_exists('Security', $this->components))
$this->Security->csrfCheck = false; $this->Security->csrfCheck = false;
@ -142,6 +142,10 @@ class AppController extends Controller {
public $userRole = null; public $userRole = null;
public function isJson(){
return $this->request->header('Accept') === 'application/json';
}
//public function blackhole($type) { //public function blackhole($type) {
// // handle errors. // // handle errors.
// throw new Exception(__d('cake_dev', 'The request has been black-holed')); // throw new Exception(__d('cake_dev', 'The request has been black-holed'));
@ -149,7 +153,7 @@ class AppController extends Controller {
//} //}
protected function _isRest() { protected function _isRest() {
return (isset($this->RequestHandler) && $this->RequestHandler->isXml()); return (isset($this->RequestHandler) && ($this->RequestHandler->isXml() || $this->isJson()));
} }
/** /**
@ -209,9 +213,9 @@ class AppController extends Controller {
$this->loadModel('Correlation'); $this->loadModel('Correlation');
$this->Correlation->deleteAll(array('id !=' => ''), false); $this->Correlation->deleteAll(array('id !=' => ''), false);
$this->loadModel('Attribute'); $this->loadModel('Attribute');
$fields = array('Attribute.id', 'Attribute.event_id', 'Attribute.distribution', 'Attribute.cluster', 'Event.date', 'Event.org'); $fields = array('Attribute.id', 'Attribute.event_id', 'Attribute.distribution', 'Attribute.type', 'Attribute.category', 'Attribute.value1', 'Attribute.value2');
// get all attributes.. // get all attributes..
$attributes = $this->Attribute->find('all', array('recursive' => -1)); $attributes = $this->Attribute->find('all', array('recursive' => -1, 'fields' => $fields));
// for all attributes.. // for all attributes..
foreach ($attributes as $attribute) { foreach ($attributes as $attribute) {
$this->Attribute->__afterSaveCorrelation($attribute['Attribute']); $this->Attribute->__afterSaveCorrelation($attribute['Attribute']);
@ -246,7 +250,7 @@ class AppController extends Controller {
foreach ($orgs as $k => $org) { foreach ($orgs as $k => $org) {
$orgs[$k]['User']['count'] = $this->User->find('count', array( $orgs[$k]['User']['count'] = $this->User->find('count', array(
'conditions' => array( 'conditions' => array(
'org =' => $orgs[$k]['User']['org'], 'org =' => $orgs[$k]['User']['org'],
))); )));
if ($orgs[$k]['User']['count'] > 1) { if ($orgs[$k]['User']['count'] > 1) {
$localOrgs[] = $orgs[$k]['User']['org']; $localOrgs[] = $orgs[$k]['User']['org'];
@ -255,7 +259,7 @@ class AppController extends Controller {
// If we only have a single user for an org, check if that user is a sync user. If not, then it is a valid local org and the events created by him/her should be unlocked. // If we only have a single user for an org, check if that user is a sync user. If not, then it is a valid local org and the events created by him/her should be unlocked.
$this->User->recursive = 1; $this->User->recursive = 1;
$user = ($this->User->find('first', array( $user = ($this->User->find('first', array(
'fields' => array('id', 'role_id'), 'fields' => array('id', 'role_id'),
'conditions' => array('org' => $org['User']['org']), 'conditions' => array('org' => $org['User']['org']),
'contain' => array('Role' => array( 'contain' => array('Role' => array(
'fields' => array('id', 'perm_sync'), 'fields' => array('id', 'perm_sync'),
@ -274,7 +278,7 @@ class AppController extends Controller {
'conditions' => $conditions 'conditions' => $conditions
)); ));
$this->Event->updateAll( $this->Event->updateAll(
array('Event.locked' => 1), array('Event.locked' => 1),
$conditions $conditions
); );
$this->Session->setFlash('Events updated, '. $toBeUpdated . ' record(s) altered.'); $this->Session->setFlash('Events updated, '. $toBeUpdated . ' record(s) altered.');
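Review bot: `beforeFilter()` now switches off the CSRF check whenever `isJson()` is true, and `isJson()` only compares the client-supplied `Accept` header with `application/json`, so the protection is dropped on the strength of a value the requester chooses. Whether the rest of the REST branch then insists on an auth key instead of the session cookie is outside the hunk; if it can fall back to the session, the CSRF check should stay enabled for those requests. `isJson()` is also declared `public` on `AppController`, which in CakePHP 2 makes it dispatchable as an action on every controller; `protected function _isJson()` would match `_isRest()` and avoid that. Since `_isRest()` already includes the JSON test, the extra `|| $this->isJson()` only matters when `RequestHandler` is not loaded, and the strict `===` will not match clients that send a list such as `application/json, text/plain`.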


@ -21,7 +21,7 @@ class AttributesController extends AppController {
public function beforeFilter() { public function beforeFilter() {
parent::beforeFilter(); parent::beforeFilter();
$this->Auth->allow('restSearch'); $this->Auth->allow('restSearch');
$this->Auth->allow('returnAttributes'); $this->Auth->allow('returnAttributes');
$this->Auth->allow('downloadAttachment'); $this->Auth->allow('downloadAttachment');
@ -251,10 +251,10 @@ class AttributesController extends AppController {
throw new NotFoundException(__('Invalid attribute')); throw new NotFoundException(__('Invalid attribute'));
} }
$this->Attribute->read(); $this->Attribute->read();
if (!$this->_isSiteAdmin() && if (!$this->_isSiteAdmin() &&
$this->Auth->user('org') != $this->Auth->user('org') !=
$this->Attribute->data['Event']['org'] && $this->Attribute->data['Event']['org'] &&
($this->Attribute->data['Event']['distribution'] == 0 || ($this->Attribute->data['Event']['distribution'] == 0 ||
$this->Attribute->data['Attribute']['distribution'] == 0 $this->Attribute->data['Attribute']['distribution'] == 0
)) { )) {
throw new UnauthorizedException('You do not have the permission to view this event.'); throw new UnauthorizedException('You do not have the permission to view this event.');
@ -532,7 +532,7 @@ class AttributesController extends AppController {
$attribute['distribution'] = $this->Event->data['Event']['distribution']; $attribute['distribution'] = $this->Event->data['Event']['distribution'];
} else { } else {
$attribute['distribution'] = Configure::read('MISP.default_attribute_distribution'); $attribute['distribution'] = Configure::read('MISP.default_attribute_distribution');
} }
} }
switch($entry['Type']) { switch($entry['Type']) {
case 'Address': case 'Address':
@ -644,9 +644,9 @@ class AttributesController extends AppController {
$uuid = $this->Attribute->data['Attribute']['uuid']; $uuid = $this->Attribute->data['Attribute']['uuid'];
} }
if (!$this->_isSiteAdmin()) { if (!$this->_isSiteAdmin()) {
// //
if ($this->Attribute->data['Event']['orgc'] == $this->Auth->user('org') if ($this->Attribute->data['Event']['orgc'] == $this->Auth->user('org')
&& (($this->userRole['perm_modify'] && $this->Attribute->data['Event']['user_id'] != $this->Auth->user('id')) && (($this->userRole['perm_modify'] && $this->Attribute->data['Event']['user_id'] != $this->Auth->user('id'))
|| $this->userRole['perm_modify_org'])) { || $this->userRole['perm_modify_org'])) {
// Allow the edit // Allow the edit
} else { } else {
@ -785,10 +785,10 @@ class AttributesController extends AppController {
} else { } else {
if ($this->_checkOrg() != $this->Attribute->data['Event']['orgc']) { if ($this->_checkOrg() != $this->Attribute->data['Event']['orgc']) {
throw new MethodNotAllowedException(); throw new MethodNotAllowedException();
} }
} }
} }
// attachment will be deleted with the beforeDelete() function in the Model // attachment will be deleted with the beforeDelete() function in the Model
if ($this->Attribute->delete()) { if ($this->Attribute->delete()) {
// delete the attribute from remote servers // delete the attribute from remote servers
@ -796,7 +796,7 @@ class AttributesController extends AppController {
// find the uuid // find the uuid
$this->__deleteAttributeFromServers($uuid); $this->__deleteAttributeFromServers($uuid);
} }
// We have just deleted the attribute, let's also check if there are any shadow attributes that were attached to it and delete them // We have just deleted the attribute, let's also check if there are any shadow attributes that were attached to it and delete them
$this->loadModel('ShadowAttribute'); $this->loadModel('ShadowAttribute');
$this->ShadowAttribute->deleteAll(array('ShadowAttribute.old_id' => $id), false); $this->ShadowAttribute->deleteAll(array('ShadowAttribute.old_id' => $id), false);
@ -1074,7 +1074,7 @@ class AttributesController extends AppController {
$this->set('fails', $this->Attribute->checkComposites()); $this->set('fails', $this->Attribute->checkComposites());
} }
// Use the rest interface to search for attributes. Usage: // Use the rest interface to search for attributes. Usage:
// MISP-base-url/attributes/restSearch/[api-key]/[value]/[type]/[category]/[orgc] // MISP-base-url/attributes/restSearch/[api-key]/[value]/[type]/[category]/[orgc]
// value, type, category, orgc are optional // value, type, category, orgc are optional
@ -1095,7 +1095,7 @@ class AttributesController extends AppController {
// add the values as specified in the 2nd parameter to the conditions // add the values as specified in the 2nd parameter to the conditions
$values = explode('&&', $value); $values = explode('&&', $value);
$parameters = array('value', 'type', 'category', 'org'); $parameters = array('value', 'type', 'category', 'org');
foreach ($parameters as $k => $param) { foreach ($parameters as $k => $param) {
if (isset(${$parameters[$k]})) { if (isset(${$parameters[$k]})) {
$elements = explode('&&', ${$parameters[$k]}); $elements = explode('&&', ${$parameters[$k]});
@ -1110,9 +1110,9 @@ class AttributesController extends AppController {
$subcondition = array(); $subcondition = array();
} }
} }
// If we are looking for an attribute, we want to retrieve some extra data about the event to be able to check for the permissions. // If we are looking for an attribute, we want to retrieve some extra data about the event to be able to check for the permissions.
if (!$user['User']['siteAdmin']) { if (!$user['User']['siteAdmin']) {
$temp = array(); $temp = array();
$temp['AND'] = array('Event.distribution >' => 0, 'Attribute.distribution >' => 0); $temp['AND'] = array('Event.distribution >' => 0, 'Attribute.distribution >' => 0);
@ -1120,23 +1120,23 @@ class AttributesController extends AppController {
$subcondition['OR'][] = array('Event.org' => $user['User']['org']); $subcondition['OR'][] = array('Event.org' => $user['User']['org']);
array_push($conditions['AND'], $subcondition); array_push($conditions['AND'], $subcondition);
} }
// change the fields here for the attribute export!!!! Don't forget to check for the permissions, since you are not going through fetchevent. Maybe create fetchattribute? // change the fields here for the attribute export!!!! Don't forget to check for the permissions, since you are not going through fetchevent. Maybe create fetchattribute?
$params = array( $params = array(
'conditions' => $conditions, 'conditions' => $conditions,
'fields' => array('Attribute.*', 'Event.org', 'Event.distribution'), 'fields' => array('Attribute.*', 'Event.org', 'Event.distribution'),
'contain' => 'Event' 'contain' => 'Event'
); );
$results = $this->Attribute->find('all', $params); $results = $this->Attribute->find('all', $params);
$this->loadModel('Whitelist'); $this->loadModel('Whitelist');
$results = $this->Whitelist->removeWhitelistedFromArray($results, false); $results = $this->Whitelist->removeWhitelistedFromArray($results, false);
if (empty($results)) throw new NotFoundException('No matches.'); if (empty($results)) throw new NotFoundException('No matches.');
$this->set('results', $results); $this->set('results', $results);
} }
// returns an XML with attributes that belong to an event. The type of attributes to be returned can be restricted by type using the 3rd parameter. // returns an XML with attributes that belong to an event. The type of attributes to be returned can be restricted by type using the 3rd parameter.
// Similar to the restSearch, this parameter can be chained with '&&' and negations are accepted too. For example filename&&!filename|md5 would return all filenames that don't have an md5 // Similar to the restSearch, this parameter can be chained with '&&' and negations are accepted too. For example filename&&!filename|md5 would return all filenames that don't have an md5
// The usage of returnAttributes is the following: [MISP-url]/attributes/returnAttributes/<API-key>/<type>/<signature flag> // The usage of returnAttributes is the following: [MISP-url]/attributes/returnAttributes/<API-key>/<type>/<signature flag>
// The signature flag is off by default, enabling it will only return attribugtes that have the to_ids flag set to true. // The signature flag is off by default, enabling it will only return attribugtes that have the to_ids flag set to true.
@ -1153,11 +1153,11 @@ class AttributesController extends AppController {
if ($user['User']['siteAdmin'] || $this->Event->data['Event']['org'] == $user['User']['org']) { if ($user['User']['siteAdmin'] || $this->Event->data['Event']['org'] == $user['User']['org']) {
$myEventOrAdmin = true; $myEventOrAdmin = true;
} }
if (!$myEventOrAdmin) { if (!$myEventOrAdmin) {
if ($this->Event->data['Event']['distribution'] == 0) { if ($this->Event->data['Event']['distribution'] == 0) {
throw new UnauthorizedException('You don\'t have access to that event.'); throw new UnauthorizedException('You don\'t have access to that event.');
} }
} }
$this->response->type('xml'); // set the content type $this->response->type('xml'); // set the content type
$this->layout = 'xml/default'; $this->layout = 'xml/default';
@ -1178,7 +1178,7 @@ class AttributesController extends AppController {
} }
} }
} }
// check each attribute // check each attribute
foreach($this->Event->data['Attribute'] as $k => $attribute) { foreach($this->Event->data['Attribute'] as $k => $attribute) {
$contained = false; $contained = false;
@ -1199,8 +1199,8 @@ class AttributesController extends AppController {
foreach ($exclude as $exc) { foreach ($exclude as $exc) {
if (strpos($attribute['type'], $exc) !== false) { if (strpos($attribute['type'], $exc) !== false) {
$contained = false; $contained = false;
continue 2; continue 2;
} }
} }
} }
// If we still didn't throw the attribute away, let's check if the user requesting the attributes is of the owning organisation of the event // If we still didn't throw the attribute away, let's check if the user requesting the attributes is of the owning organisation of the event
@ -1208,19 +1208,19 @@ class AttributesController extends AppController {
if ($contained && !$myEventOrAdmin && $attribute['distribution'] == 0) { if ($contained && !$myEventOrAdmin && $attribute['distribution'] == 0) {
$contained = false; $contained = false;
} }
// If we have set the sigOnly parameter and the attribute has to_ids set to false, discard it! // If we have set the sigOnly parameter and the attribute has to_ids set to false, discard it!
if ($contained && $sigOnly === 'true' && !$attribute['to_ids']) { if ($contained && $sigOnly === 'true' && !$attribute['to_ids']) {
$contained = false; $contained = false;
} }
// If after all of this $contained is still true, let's add the attribute to the array // If after all of this $contained is still true, let's add the attribute to the array
if ($contained) $attributes[] = $attribute; if ($contained) $attributes[] = $attribute;
} }
if (empty($attributes)) throw new NotFoundException('No matches.'); if (empty($attributes)) throw new NotFoundException('No matches.');
$this->set('results', $attributes); $this->set('results', $attributes);
} }
public function downloadAttachment($key, $id) { public function downloadAttachment($key, $id) {
$user = $this->checkAuthUser($key); $user = $this->checkAuthUser($key);
// if the user is authorised to use the api key then user will be populated with the user's account // if the user is authorised to use the api key then user will be populated with the user's account
@ -1233,9 +1233,9 @@ class AttributesController extends AppController {
throw new NotFoundException('Invalid attribute or no authorisation to view it.'); throw new NotFoundException('Invalid attribute or no authorisation to view it.');
} }
$this->Attribute->read(null, $id); $this->Attribute->read(null, $id);
if (!$user['User']['siteAdmin'] && if (!$user['User']['siteAdmin'] &&
$user['User']['org'] != $this->Attribute->data['Event']['org'] && $user['User']['org'] != $this->Attribute->data['Event']['org'] &&
($this->Attribute->data['Event']['distribution'] == 0 || ($this->Attribute->data['Event']['distribution'] == 0 ||
$this->Attribute->data['Attribute']['distribution'] == 0 $this->Attribute->data['Attribute']['distribution'] == 0
)) { )) {
throw new NotFoundException('Invalid attribute or no authorisation to view it.'); throw new NotFoundException('Invalid attribute or no authorisation to view it.');


@ -146,6 +146,11 @@ class EventsController extends AppController {
} }
} }
} }
$this->paginate = array('contain' => array(
'ThreatLevel' => array(
'fields' => array(
'ThreatLevel.name'))
));
$this->set('events', $this->paginate()); $this->set('events', $this->paginate());
if (!$this->Auth->user('gpgkey')) { if (!$this->Auth->user('gpgkey')) {
$this->Session->setFlash(__('No GPG key set in your profile. To receive emails, submit your public key in your profile.')); $this->Session->setFlash(__('No GPG key set in your profile. To receive emails, submit your public key in your profile.'));
@ -459,11 +464,9 @@ class EventsController extends AppController {
$this->set('distributionLevels', $this->Event->distributionLevels); $this->set('distributionLevels', $this->Event->distributionLevels);
// combobox for risks // combobox for risks
$risks = $this->Event->validate['risk']['rule'][1]; $threat_levels = $this->Event->ThreatLevel->find('all');
$risks = $this->_arrayToValuesIndexArray($risks); $this->set('threatLevels', Set::combine($threat_levels, '{n}.ThreatLevel.id', '{n}.ThreatLevel.name'));
$this->set('risks',$risks); $this->set('riskDescriptions', Set::combine($threat_levels, '{n}.ThreatLevel.id', '{n}.ThreatLevel.form_description'));
// tooltip for risk
$this->set('riskDescriptions', $this->Event->riskDescriptions);
// combobox for analysis // combobox for analysis
$analysiss = $this->Event->validate['analysis']['rule'][1]; $analysiss = $this->Event->validate['analysis']['rule'][1];
@ -528,7 +531,7 @@ class EventsController extends AppController {
$this->Session->setFlash(__('You may only upload OpenIOC ioc files.')); $this->Session->setFlash(__('You may only upload OpenIOC ioc files.'));
} }
if (isset($this->data['Event']['submittedxml'])) $this->_addXMLFile(); if (isset($this->data['Event']['submittedxml'])) $this->_addXMLFile();
// redirect to the view of the newly created event // redirect to the view of the newly created event
if (!CakeSession::read('Message.flash')) { if (!CakeSession::read('Message.flash')) {
$this->Session->setFlash(__('The event has been saved')); $this->Session->setFlash(__('The event has been saved'));
@ -539,8 +542,8 @@ class EventsController extends AppController {
} }
} }
} }
/** /**
* Low level function to add an Event based on an Event $data array * Low level function to add an Event based on an Event $data array
* *
@ -587,10 +590,12 @@ class EventsController extends AppController {
} }
// FIXME chri: validatebut the necessity for all these fields...impact on security ! // FIXME chri: validatebut the necessity for all these fields...impact on security !
$fieldList = array( $fieldList = array(
'Event' => array('org', 'orgc', 'date', 'risk', 'analysis', 'info', 'user_id', 'published', 'uuid', 'timestamp', 'distribution', 'locked'), 'Event' => array('org', 'orgc', 'date', 'threat_level_id', 'analysis', 'info', 'user_id', 'published', 'uuid', 'timestamp', 'distribution', 'locked'),
'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision', 'timestamp', 'distribution') 'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision', 'timestamp', 'distribution')
); );
$saveResult = $this->Event->saveAssociated($data, array('validate' => true, 'fieldList' => $fieldList));
$saveResult = $this->Event->saveAssociated($data, array('validate' => true, 'fieldList' => $fieldList,
'atomic' => true));
// FIXME chri: check if output of $saveResult is what we expect when data not valid, see issue #104 // FIXME chri: check if output of $saveResult is what we expect when data not valid, see issue #104
if ($saveResult) { if ($saveResult) {
if (!empty($data['Event']['published']) && 1 == $data['Event']['published']) { if (!empty($data['Event']['published']) && 1 == $data['Event']['published']) {
@ -619,7 +624,7 @@ class EventsController extends AppController {
return 'Event originated on this instance, any changes to it have to be done locally.'; return 'Event originated on this instance, any changes to it have to be done locally.';
} }
$fieldList = array( $fieldList = array(
'Event' => array('date', 'risk', 'analysis', 'info', 'published', 'uuid', 'from', 'distribution', 'timestamp'), 'Event' => array('date', 'threat_level_id', 'analysis', 'info', 'published', 'uuid', 'from', 'distribution', 'timestamp'),
'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision', 'distribution', 'timestamp') 'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision', 'distribution', 'timestamp')
); );
$data['Event']['id'] = $this->Event->data['Event']['id']; $data['Event']['id'] = $this->Event->data['Event']['id'];
@ -710,7 +715,7 @@ class EventsController extends AppController {
} }
} }
$fieldList = array( $fieldList = array(
'Event' => array('date', 'risk', 'analysis', 'info', 'published', 'uuid', 'from', 'distribution', 'timestamp'), 'Event' => array('date', 'threat_level_id', 'analysis', 'info', 'published', 'uuid', 'from', 'distribution', 'timestamp'),
'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision', 'distribution', 'timestamp') 'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision', 'distribution', 'timestamp')
); );
@ -763,7 +768,7 @@ class EventsController extends AppController {
} }
} }
// say what fields are to be updated // say what fields are to be updated
$fieldList = array('date', 'risk', 'analysis', 'info', 'published', 'distribution', 'timestamp'); $fieldList = array('date', 'threat_level_id', 'analysis', 'info', 'published', 'distribution', 'timestamp');
$this->Event->read(); $this->Event->read();
// always force the org, but do not force it for admins // always force the org, but do not force it for admins
@ -796,12 +801,9 @@ class EventsController extends AppController {
$this->set('distributionLevels', $this->Event->distributionLevels); $this->set('distributionLevels', $this->Event->distributionLevels);
// combobox for types // combobox for types
$risks = $this->Event->validate['risk']['rule'][1]; $threat_levels = $this->Event->ThreatLevel->find('all');
$risks = $this->_arrayToValuesIndexArray($risks); $this->set('threatLevels', Set::combine($threat_levels, '{n}.ThreatLevel.id', '{n}.ThreatLevel.name'));
$this->set('risks',$risks); $this->set('riskDescriptions', Set::combine($threat_levels, '{n}.ThreatLevel.id', '{n}.ThreatLevel.form_description'));
// tooltip for risk
$this->set('riskDescriptions', $this->Event->riskDescriptions);
// combobox for analysis // combobox for analysis
$analysiss = $this->Event->validate['analysis']['rule'][1]; $analysiss = $this->Event->validate['analysis']['rule'][1];
@ -813,7 +815,7 @@ class EventsController extends AppController {
$this->set('analysisLevels', $this->Event->analysisLevels); $this->set('analysisLevels', $this->Event->analysisLevels);
$this->set('eventDescriptions', $this->Event->fieldDescriptions); $this->set('eventDescriptions', $this->Event->fieldDescriptions);
$this->set('event', $this->Event->data); $this->set('event', $this->Event->data);
} }
@ -957,14 +959,6 @@ class EventsController extends AppController {
} }
return $uploaded; return $uploaded;
} }
public function test($id) {
CakeResque::enqueue(
'default',
'EventShell',
array('doPublish', $id)
);
}
/** /**
* Publishes the event without sending an alert email * Publishes the event without sending an alert email
@ -1047,144 +1041,7 @@ class EventsController extends AppController {
} }
private function __sendAlertEmail($id) { private function __sendAlertEmail($id) {
$this->Event->recursive = 1; return ($this->Event->sendAlertEmail($id, $this->Auth->user('org'), $this->_isSiteAdmin()));
$event = $this->Event->read(null, $id);
// The mail body, h() is NOT needed as we are sending plain-text mails.
$body = "";
$body .= '----------------------------------------------' . "\n";
$appendlen = 20;
$body .= 'URL : ' . Configure::read('CyDefSIG.baseurl') . '/events/view/' . $event['Event']['id'] . "\n";
$body .= 'Event : ' . $event['Event']['id'] . "\n";
$body .= 'Date : ' . $event['Event']['date'] . "\n";
if ('true' == Configure::read('CyDefSIG.showorg')) {
$body .= 'Reported by : ' . $event['Event']['org'] . "\n";
}
$body .= 'Risk : ' . $event['Event']['risk'] . "\n";
$body .= 'Analysis : ' . $this->Event->analysisLevels[$event['Event']['analysis']] . "\n";
$body .= 'Info : ' . "\n";
$body .= $event['Event']['info'] . "\n";
$relatedEvents = $this->Event->getRelatedEvents($this->Auth->user(), $this->_isSiteAdmin());
if (!empty($relatedEvents)) {
$body .= '----------------------------------------------' . "\n";
$body .= 'Related to : '. "\n";
foreach ($relatedEvents as &$relatedEvent) {
$body .= Configure::read('CyDefSIG.baseurl') . '/events/view/' . $relatedEvent['Event']['id'] . ' (' . $relatedEvent['Event']['date'] . ') ' ."\n";
}
$body .= '----------------------------------------------' . "\n";
}
$body .= 'Attributes :' . "\n";
$bodyTempOther = "";
if (isset($event['Attribute'])) {
foreach ($event['Attribute'] as &$attribute) {
$line = '- ' . $attribute['type'] . str_repeat(' ', $appendlen - 2 - strlen($attribute['type'])) . ': ' . $attribute['value'] . "\n";
if ('other' == $attribute['type']) // append the 'other' attribute types to the bottom.
$bodyTempOther .= $line;
else $body .= $line;
}
}
if (!empty($bodyTempOther)) {
$body .= "\n";
}
$body .= $bodyTempOther; // append the 'other' attribute types to the bottom.
$body .= '----------------------------------------------' . "\n";
// find out whether the event is private, to limit the alerted user's list to the org only
if ($event['Event']['distribution'] == 0) {
$eventIsPrivate = true;
} else {
$eventIsPrivate = false;
}
// sign the body
require_once 'Crypt/GPG.php';
try {
$gpg = new Crypt_GPG(array('homedir' => Configure::read('GnuPG.homedir'))); // , 'debug' => true
$gpg->addSignKey(Configure::read('GnuPG.email'), Configure::read('GnuPG.password'));
$bodySigned = $gpg->sign($body, Crypt_GPG::SIGN_MODE_CLEAR);
$this->loadModel('User');
//
// Build a list of the recipients that get a non-encrypted mail
// But only do this if it is allowed in the bootstrap.php file.
//
if ($eventIsPrivate) {
$conditions = array('User.autoalert' => 1, 'User.gpgkey =' => "", 'User.org =' => $event['Event']['org']);
} else {
$conditions = array('User.autoalert' => 1, 'User.gpgkey =' => "");
}
if ('false' == Configure::read('GnuPG.onlyencrypted')) {
$alertUsers = $this->User->find('all', array(
'conditions' => $conditions,
'recursive' => 0,
));
foreach ($alertUsers as &$user) {
// prepare the the unencrypted email
$this->Email->from = Configure::read('CyDefSIG.email');
$this->Email->to = $user['User']['email'];
$this->Email->subject = "[" . Configure::read('CyDefSIG.org') . " " . Configure::read('CyDefSIG.name') . "] Event " . $id . " - " . $event['Event']['risk'] . " - TLP Amber";
$this->Email->template = 'body';
$this->Email->sendAs = 'text'; // both text or html
$this->set('body', $bodySigned);
// send it
$this->Email->send();
// If you wish to send multiple emails using a loop, you'll need
// to reset the email fields using the reset method of the Email component.
$this->Email->reset();
}
}
//
// Build a list of the recipients that wish to receive encrypted mails.
//
if ($eventIsPrivate) {
$conditions = array('User.autoalert' => 1, 'User.gpgkey !=' => "", 'User.org =' => $event['Event']['org']);
} else {
$conditions = array('User.autoalert' => 1, 'User.gpgkey !=' => "");
}
$alertUsers = $this->User->find('all', array(
'conditions' => $conditions,
'recursive' => 0,
)
);
// encrypt the mail for each user and send it separately
foreach ($alertUsers as &$user) {
// send the email
$this->Email->from = Configure::read('CyDefSIG.email');
$this->Email->to = $user['User']['email'];
$this->Email->subject = "[" . Configure::read('CyDefSIG.org') . " " . Configure::read('CyDefSIG.name') . "] Event " . $id . " - " . $event['Event']['risk'] . " - TLP Amber";
$this->Email->template = 'body';
$this->Email->sendAs = 'text'; // both text or html
// import the key of the user into the keyring
// this is not really necessary, but it enables us to find
// the correct key-id even if it is not the same as the emailaddress
$keyImportOutput = $gpg->importKey($user['User']['gpgkey']);
// say what key should be used to encrypt
try {
$gpg = new Crypt_GPG(array('homedir' => Configure::read('GnuPG.homedir')));
$gpg->addEncryptKey($keyImportOutput['fingerprint']); // use the key that was given in the import
$bodyEncSig = $gpg->encrypt($bodySigned, true);
$this->set('body', $bodyEncSig);
$this->Email->send();
} catch (Exception $e){
// catch errors like expired PGP keys
$this->log($e->getMessage());
// no need to return here, as we want to send out mails to the other users if GPG encryption fails for a single user
}
// If you wish to send multiple emails using a loop, you'll need
// to reset the email fields using the reset method of the Email component.
$this->Email->reset();
}
} catch (Exception $e){
// catch errors like expired PGP keys
$this->log($e->getMessage());
return $e->getMessage();
}
// LATER check if sending email succeeded and return appropriate result
return true;
} }
/** /**
@ -1277,7 +1134,7 @@ class EventsController extends AppController {
if ('true' == Configure::read('CyDefSIG.showorg')) { if ('true' == Configure::read('CyDefSIG.showorg')) {
$body .= 'Reported by : ' . $event['Event']['org'] . "\n"; $body .= 'Reported by : ' . $event['Event']['org'] . "\n";
} }
$body .= 'Risk : ' . $event['Event']['risk'] . "\n"; $body .= 'Risk : ' . $event['ThreatLevel']['name'] . "\n";
$body .= 'Analysis : ' . $event['Event']['analysis'] . "\n"; $body .= 'Analysis : ' . $event['Event']['analysis'] . "\n";
$relatedEvents = $this->Event->getRelatedEvents($this->Auth->user(), $this->_isSiteAdmin()); $relatedEvents = $this->Event->getRelatedEvents($this->Auth->user(), $this->_isSiteAdmin());
if (!empty($relatedEvents)) { if (!empty($relatedEvents)) {
@ -1384,70 +1241,77 @@ class EventsController extends AppController {
} }
public function export() { public function export() {
//$currentTime = time(); // Check if the background jobs are enabled - if not, fall back to old export page.
$now = time(); if (Configure::read('MISP.background_jobs')) {
$now = time();
// as a site admin we'll use the ADMIN identifier, not to overwrite the cached files of our own org with a file that includes too much data.
if ($this->_isSiteAdmin()) {
$useOrg = 'ADMIN';
$conditions = null;
} else {
$useOrg = $this->Auth->User('org');
$conditions = array('orgc' => $this->Auth-user('org'));
}
$this->Event->recursive = -1;
$newestEvent = $this->Event->find('first', array(
'conditions' => $conditions,
'fields' => 'timestamp',
'order' => 'Event.timestamp DESC',
));
$this->loadModel('Job');
foreach ($this->Event->export_types as $k => $type) {
$job = $this->Job->find('first', array(
'fields' => array('id', 'progress'),
'conditions' => array(
'job_type' => 'cache_' . $k,
'org' => $useOrg
),
'order' => array('Job.id' => 'desc')
));
$dir = new Folder(APP . 'tmp/cached_exports/' . $k);
if ($k === 'text') {
// Since all of the text export files are generated together, we might as well just check for a single one md5.
$file = new File($dir->pwd() . DS . 'misp.text_md5.' . $useOrg . $type['extension']);
} else {
$file = new File($dir->pwd() . DS . 'misp.' . $k . '.' . $useOrg . $type['extension']);
}
if (!$file->exists()) {
$lastModified = 'N/A';
$this->Event->export_types[$k]['recommendation'] = 1;
} else {
$fileChange = $file->lastChange();
$lastModified = $this->__timeDifference($now, $fileChange);
if ($fileChange > $newestEvent['Event']['timestamp']) {
$this->Event->export_types[$k]['recommendation'] = 0;
} else {
$this->Event->export_types[$k]['recommendation'] = 1;
}
}
$this->Event->export_types[$k]['lastModified'] = $lastModified; // as a site admin we'll use the ADMIN identifier, not to overwrite the cached files of our own org with a file that includes too much data.
if (!empty($job)) { if ($this->_isSiteAdmin()) {
$this->Event->export_types[$k]['job_id'] = $job['Job']['id']; $useOrg = 'ADMIN';
$this->Event->export_types[$k]['progress'] = $job['Job']['progress']; $conditions = null;
} else { } else {
$this->Event->export_types[$k]['job_id'] = -1; $useOrg = $this->Auth->User('org');
$this->Event->export_types[$k]['progress'] = 0; $conditions = array('orgc' => $this->Auth-user('org'));
} }
//$this->Event->export_types[$k]['recommendation'] $this->Event->recursive = -1;
$newestEvent = $this->Event->find('first', array(
'conditions' => $conditions,
'fields' => 'timestamp',
'order' => 'Event.timestamp DESC',
));
$this->loadModel('Job');
foreach ($this->Event->export_types as $k => $type) {
$job = $this->Job->find('first', array(
'fields' => array('id', 'progress'),
'conditions' => array(
'job_type' => 'cache_' . $k,
'org' => $useOrg
),
'order' => array('Job.id' => 'desc')
));
$dir = new Folder(APP . 'tmp/cached_exports/' . $k);
if ($k === 'text') {
// Since all of the text export files are generated together, we might as well just check for a single one md5.
$file = new File($dir->pwd() . DS . 'misp.text_md5.' . $useOrg . $type['extension']);
} else {
$file = new File($dir->pwd() . DS . 'misp.' . $k . '.' . $useOrg . $type['extension']);
}
if (!$file->exists()) {
$lastModified = 'N/A';
$this->Event->export_types[$k]['recommendation'] = 1;
} else {
$fileChange = $file->lastChange();
$lastModified = $this->__timeDifference($now, $fileChange);
if ($fileChange > $newestEvent['Event']['timestamp']) {
$this->Event->export_types[$k]['recommendation'] = 0;
} else {
$this->Event->export_types[$k]['recommendation'] = 1;
}
}
$this->Event->export_types[$k]['lastModified'] = $lastModified;
if (!empty($job)) {
$this->Event->export_types[$k]['job_id'] = $job['Job']['id'];
$this->Event->export_types[$k]['progress'] = $job['Job']['progress'];
} else {
$this->Event->export_types[$k]['job_id'] = -1;
$this->Event->export_types[$k]['progress'] = 0;
}
//$this->Event->export_types[$k]['recommendation']
}
$this->set('useOrg', $useOrg);
$this->set('export_types', $this->Event->export_types);
// generate the list of Attribute types
$this->loadModel('Attribute');
//$lastModified = strftime("%d, %m, %Y, %T", $lastModified);
$this->set('sigTypes', array_keys($this->Attribute->typeDefinitions));
} else {
// generate the list of Attribute types
$this->loadModel('Attribute');
//$lastModified = strftime("%d, %m, %Y, %T", $lastModified);
$this->set('sigTypes', array_keys($this->Attribute->typeDefinitions));
$this->render('/Events/export_alternate');
} }
// generate the list of Attribute types
$this->loadModel('Attribute');
//$lastModified = strftime("%d, %m, %Y, %T", $lastModified);
$this->set('useOrg', $useOrg);
$this->set('export_types', $this->Event->export_types);
$this->set('sigTypes', array_keys($this->Attribute->typeDefinitions));
} }
@ -1528,9 +1392,7 @@ class EventsController extends AppController {
} }
if (!empty($orgFromFetch)) $org = $orgFromFetch; if (!empty($orgFromFetch)) $org = $orgFromFetch;
else $org = $this->_checkOrg(); else $org = $this->_checkOrg();
$results = $this->Event->fetchEvent($eventid, $idList, $org, $isSiteAdmin); $results = $this->Event->fetchEvent($eventid, $idList, $org, $isSiteAdmin);
return $results; return $results;
} }
@ -1830,17 +1692,17 @@ class EventsController extends AppController {
$this->data['Event']['submittedxml']['size']); $this->data['Event']['submittedxml']['size']);
App::uses('Xml', 'Utility'); App::uses('Xml', 'Utility');
$xmlArray = Xml::toArray(Xml::build($xmlData)); $xmlArray = Xml::toArray(Xml::build($xmlData));
// In case we receive an event that is not encapsulated in a response. This should never happen (unless it's a copy+paste fail), // In case we receive an event that is not encapsulated in a response. This should never happen (unless it's a copy+paste fail),
// but just in case, let's clean it up anyway. // but just in case, let's clean it up anyway.
if (isset($xmlArray['Event'])) { if (isset($xmlArray['Event'])) {
$xmlArray['response']['Event'] = $xmlArray['Event']; $xmlArray['response']['Event'] = $xmlArray['Event'];
unset($xmlArray['Event']); unset($xmlArray['Event']);
} }
if (!isset($xmlArray['response']) || !isset($xmlArray['response']['Event'])) { if (!isset($xmlArray['response']) || !isset($xmlArray['response']['Event'])) {
throw new Exception('This is not a valid MISP XML file.'); throw new Exception('This is not a valid MISP XML file.');
} }
if (isset($xmlArray['response']['Event'][0])) { if (isset($xmlArray['response']['Event'][0])) {
foreach ($xmlArray['response']['Event'] as $event) { foreach ($xmlArray['response']['Event'] as $event) {
$temp['Event'] = $event; $temp['Event'] = $event;
@ -1852,7 +1714,7 @@ class EventsController extends AppController {
} }
} }
} }
public function _readGfiXML($data, $id) { public function _readGfiXML($data, $id) {
$this->loadModel('Attribute'); $this->loadModel('Attribute');
@ -2142,15 +2004,15 @@ class EventsController extends AppController {
$final = $this->IOCExport->buildAll($event, $isMyEvent, $isSiteAdmin); $final = $this->IOCExport->buildAll($event, $isMyEvent, $isSiteAdmin);
$this->set('final', $final); $this->set('final', $final);
} }
public function create_dummy_event() { public function create_dummy_event() {
if (!$this->_isSiteAdmin()) throw new MethodNotAllowedException('You don\'t have the privileges to access this.'); if (!$this->_isSiteAdmin()) throw new MethodNotAllowedException('You don\'t have the privileges to access this.');
$date = new DateTime(); $date = new DateTime();
$data['Event']['info'] = 'Test event showing every category-type combination'; $data['Event']['info'] = 'Test event showing every category-type combination';
$data['Event']['date'] = '2013-10-09'; $data['Event']['date'] = '2013-10-09';
$data['Event']['risk'] = 'Undefined'; $data['Event']['threat_level_id'] = 4; //'Undefined'
$data['Event']['analysis'] = '0'; $data['Event']['analysis'] = '0';
$data['Event']['distribution'] = '0'; $data['Event']['distribution'] = '0';
$defaultValues = array( $defaultValues = array(
'md5' => '098f6bcd4621d373cade4e832627b4f6', 'md5' => '098f6bcd4621d373cade4e832627b4f6',
@ -2197,15 +2059,10 @@ class EventsController extends AppController {
'type' => $type, 'type' => $type,
'value' => $defaultValues[$type], 'value' => $defaultValues[$type],
'to_ids' => '0', 'to_ids' => '0',
'distribution' => '0', 'distribution' => '0',
); );
} }
} }
$this->_add($data, false); $this->_add($data, false);
}
public function tester() {
$this->loadModel('Attribute');
debug ($this->Attribute->text('NCIRC', true, 'ip-dst'));
} }
} }


@ -27,10 +27,6 @@ class JobsController extends AppController {
$this->set('list', $this->paginate()); $this->set('list', $this->paginate());
} }
public function retry($id) {
}
public function getGenerateCorrelationProgress($id) { public function getGenerateCorrelationProgress($id) {
//if (!self::_isSiteAdmin()) throw new NotFoundException(); //if (!self::_isSiteAdmin()) throw new NotFoundException();
$progress = $this->Job->findById($id); $progress = $this->Job->findById($id);
@ -49,7 +45,7 @@ class JobsController extends AppController {
'conditions' => array( 'conditions' => array(
'job_type' => $type, 'job_type' => $type,
'org' => $org 'org' => $org
), ),
'fields' => array('id', 'progress'), 'fields' => array('id', 'progress'),
'order' => array('Job.id' => 'desc'), 'order' => array('Job.id' => 'desc'),
)); ));
@ -65,7 +61,7 @@ class JobsController extends AppController {
if ($this->_isSiteAdmin()) { if ($this->_isSiteAdmin()) {
$target = 'All events.'; $target = 'All events.';
$jobOrg = 'ADMIN'; $jobOrg = 'ADMIN';
} else { } else {
$target = 'Events visible to: '.$this->Auth->user('org'); $target = 'Events visible to: '.$this->Auth->user('org');
$jobOrg = $this->Auth->user('org'); $jobOrg = $this->Auth->user('org');
} }
@ -74,13 +70,13 @@ class JobsController extends AppController {
$shell = 'Event'; $shell = 'Event';
$this->Job->create(); $this->Job->create();
$data = array( $data = array(
'worker' => 'default', 'worker' => 'default',
'job_type' => 'cache_' . $type, 'job_type' => 'cache_' . $type,
'job_input' => $target, 'job_input' => $target,
'status' => 0, 'status' => 0,
'retries' => 0, 'retries' => 0,
'org' => $jobOrg, 'org' => $jobOrg,
'message' => 'Fetching events.', 'message' => 'Fetching events.',
); );
if ($type === 'md5' || $type === 'sha1') { if ($type === 'md5' || $type === 'sha1') {
$extra = $type; $extra = $type;
@ -93,16 +89,35 @@ class JobsController extends AppController {
if ($type === 'suricata' || $type === 'snort') { if ($type === 'suricata' || $type === 'snort') {
$extra = $type; $extra = $type;
$type = 'nids'; $type = 'nids';
$extra2 = $this->Auth->user('nids_sid'); $extra2 = $this->Auth->user('sid');
} }
$this->Job->save($data); $this->Job->save($data);
$id = $this->Job->id; $id = $this->Job->id;
CakeResque::enqueue( CakeResque::enqueue(
'default', 'default',
$shell . 'Shell', $shell . 'Shell',
array('cache' . $type, $this->Auth->user('org'), $this->_isSiteAdmin(), $id, $extra, $extra2) array('cache' . $type, $this->Auth->user('org'), $this->_isSiteAdmin(), $id, $extra, $extra2)
); );
return new CakeResponse(array('body' => json_encode($id))); return new CakeResponse(array('body' => json_encode($id)));
} }
public function sendAlertEmail($id) {
$this->Job->create();
$data = array(
'worker' => 'default',
'job_type' => 'contact_alert',
'job_input' => 'Event: ' . $id,
'status' => 0,
'retries' => 0,
'org' => $this->Auth->user('org'),
'message' => 'Fetching events.',
);
$this->Job->save($data);
$jobId = $this->Job->id;
$result = CakeResque::enqueue(
'default',
'EventShell',
array('alertemail', $this->Auth->user('org'), $this->_isSiteAdmin(), $jobId, $id)
);
}
} }
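Review bot: The new `sendAlertEmail($id)` action creates a Job row and enqueues the `alertemail` task for whatever event id it is given, and nothing visible in the method checks that the event exists or that the caller is allowed to alert on it. Because the queued task mails every user with autoalert set, the action should verify the event and the caller's right to publish it before `CakeResque::enqueue()`, unless AppController already restricts this action (not visible here). It also assigns `$result` without using it and returns nothing, whereas the cache action above ends with a CakeResponse; `return new CakeResponse(array('body' => json_encode($jobId)));` would match it. The copied `'message' => 'Fetching events.'` should describe the alert job instead.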


@ -35,7 +35,7 @@ class NidsExport {
} }
// generate the rules // generate the rules
foreach ($items as &$item) { foreach ($items as &$item) {
switch ($item['Event']['risk']) { /*switch ($item['Event']['risk']) {
case 'Undefined': case 'Undefined':
$priority = '4'; $priority = '4';
break; break;
@ -50,12 +50,12 @@ class NidsExport {
break; break;
default: default:
$priority = '4'; $priority = '4';
} }*/
# proto src_ip src_port direction dst_ip dst_port msg rule_content tag sid rev # proto src_ip src_port direction dst_ip dst_port msg rule_content tag sid rev
$ruleFormatMsg = 'msg: "' . Configure::read('CyDefSIG.name') . ' e' . $item['Event']['id'] . ' %s"'; $ruleFormatMsg = 'msg: "' . Configure::read('CyDefSIG.name') . ' e' . $item['Event']['id'] . ' %s"';
$ruleFormatReference = 'reference:url,' . Configure::read('CyDefSIG.baseurl') . '/events/view/' . $item['Event']['id']; $ruleFormatReference = 'reference:url,' . Configure::read('CyDefSIG.baseurl') . '/events/view/' . $item['Event']['id'];
$ruleFormat = '%salert %s %s %s %s %s %s (' . $ruleFormatMsg . '; %s %s classtype:' . $this->classtype . '; sid:%d; rev:%d; priority:' . $priority . '; ' . $ruleFormatReference . ';) '; $ruleFormat = '%salert %s %s %s %s %s %s (' . $ruleFormatMsg . '; %s %s classtype:' . $this->classtype . '; sid:%d; rev:%d; priority:' . $item['Event']['threat_level_id'] . '; ' . $ruleFormatReference . ';) ';
$sid = $startSid + ($item['Attribute']['id'] * 10); // leave 9 possible rules per attribute type $sid = $startSid + ($item['Attribute']['id'] * 10); // leave 9 possible rules per attribute type
$attribute = &$item['Attribute']; $attribute = &$item['Attribute'];
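Review bot: The rule's `priority:` field now takes `$item['Event']['threat_level_id']` raw, so the fallback the removed switch had (`default: $priority = '4';`) is gone. If the id is missing from `$item` (the query that builds `$items` is outside this hunk) or holds an unexpected value, the exported rule gets an empty or non-numeric priority and the IDS may reject it. I would compute `$priority = empty($item['Event']['threat_level_id']) ? 4 : (int)$item['Event']['threat_level_id'];` and use `$priority` in `$ruleFormat`. The commented-out switch should be deleted rather than kept. The enclosing loop continues outside the hunk.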


@ -819,6 +819,7 @@ class Attribute extends AppModel {
if ($fromGFI) $this->data['Attribute']['comment'] = 'GFI import'; if ($fromGFI) $this->data['Attribute']['comment'] = 'GFI import';
} }
//???
if ($this->save($this->data)) { if ($this->save($this->data)) {
// attribute saved correctly in the db // attribute saved correctly in the db
} else { } else {
@ -828,6 +829,7 @@ class Attribute extends AppModel {
// no errors in file upload, entry already in db, now move the file where needed and zip it if required. // no errors in file upload, entry already in db, now move the file where needed and zip it if required.
// no sanitization is required on the filename, path or type as we save // no sanitization is required on the filename, path or type as we save
// create directory structure // create directory structure
// ???
if (PHP_OS == 'WINNT') { if (PHP_OS == 'WINNT') {
$rootDir = APP . "files" . DS . $eventId; $rootDir = APP . "files" . DS . $eventId;
} else { } else {
@ -878,11 +880,11 @@ class Attribute extends AppModel {
$this->Correlation = ClassRegistry::init('Correlation'); $this->Correlation = ClassRegistry::init('Correlation');
// When we add/update an attribute we need to // When we add/update an attribute we need to
// - (beforeSave) (update-only) clean up the relation of the old value: remove the existing relations related to that attribute, we DO have a reference, the id // - (beforeSave) (update-only) clean up the relation of the old value: remove the existing relations related to that attribute, we DO have a reference, the id
// - remove the existing relations for that value1 or value2, we do NOT have an id reference, but we have a value1/value2 field to search for // - remove the existing relations for that value1 or value2, we do NOT have an id reference, but we have a value1/value2 field to search for
// ==> DELETE FROM correlations WHERE value = $value1 OR value = $value2 */ // ==> DELETE FROM correlations WHERE value = $value1 OR value = $value2 */
$dummy = $this->Correlation->deleteAll(array('Correlation.value' => array($a['value1'], $a['value2']))); $dummy = $this->Correlation->deleteAll(array('Correlation.value' => array($a['value1'], $a['value2'])));
// now build a correlation array of things that will need to be added in the db // now build a correlation array of things that will need to be added in the db
// we do this twice, once for value1 and once for value2 // we do this twice, once for value1 and once for value2
$correlations = array(); // init variable $correlations = array(); // init variable
@ -898,7 +900,7 @@ class Attribute extends AppModel {
), ),
'AND' => array( 'AND' => array(
'Attribute.type !=' => 'vulnerability', 'Attribute.type !=' => 'vulnerability',
'Attribute.type !=' => 'comment', 'Attribute.type !=' => 'comment',
)), )),
'recursive' => 0, 'recursive' => 0,
//'fields' => '', // we want to have the Attribute AND Event, so do not filter here //'fields' => '', // we want to have the Attribute AND Event, so do not filter here
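Review bot: The `'AND'` array in the last hunk uses the key `'Attribute.type !='` twice, and in a PHP array literal the second entry overwrites the first, so only `'comment'` is excluded and `'vulnerability'` attributes still reach the correlation query. This commit only re-indents that line, but the condition should become `'NOT' => array('Attribute.type' => array('vulnerability', 'comment'))`. The two added `//???` comments say nothing to the next reader; either state the open question or drop them. The find() call continues outside the hunk.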


@ -1,6 +1,6 @@
<?php <?php
App::uses('AppModel', 'Model'); App::uses('AppModel', 'Model');
App::uses('CakeEmail', 'Network/Email');
App::import('Controller', 'Attributes'); App::import('Controller', 'Attributes');
/** /**
* Event Model * Event Model
@ -34,7 +34,7 @@ class Event extends AppModel {
* @var array * @var array
*/ */
public $fieldDescriptions = array( public $fieldDescriptions = array(
'risk' => array('desc' => 'Risk levels: *low* means mass-malware, *medium* means APT malware, *high* means sophisticated APT malware or 0-day attack', 'formdesc' => 'Risk levels: low: mass-malware medium: APT malware high: sophisticated APT malware or 0-day attack'), 'threat_level_id' => array('desc' => 'Risk levels: *low* means mass-malware, *medium* means APT malware, *high* means sophisticated APT malware or 0-day attack', 'formdesc' => 'Risk levels: low: mass-malware medium: APT malware high: sophisticated APT malware or 0-day attack'),
'classification' => array('desc' => 'Set the Traffic Light Protocol classification. <ol><li><em>TLP:AMBER</em>- Share only within the organization on a need-to-know basis</li><li><em>TLP:GREEN:NeedToKnow</em>- Share within your constituency on the need-to-know basis.</li><li><em>TLP:GREEN</em>- Share within your constituency.</li></ol>'), 'classification' => array('desc' => 'Set the Traffic Light Protocol classification. <ol><li><em>TLP:AMBER</em>- Share only within the organization on a need-to-know basis</li><li><em>TLP:GREEN:NeedToKnow</em>- Share within your constituency on the need-to-know basis.</li><li><em>TLP:GREEN</em>- Share within your constituency.</li></ol>'),
'submittedgfi' => array('desc' => 'GFI sandbox: export upload', 'formdesc' => 'GFI sandbox: export upload'), 'submittedgfi' => array('desc' => 'GFI sandbox: export upload', 'formdesc' => 'GFI sandbox: export upload'),
'submittedioc' => array('desc' => '', 'formdesc' => ''), 'submittedioc' => array('desc' => '', 'formdesc' => ''),
@ -42,12 +42,12 @@ class Event extends AppModel {
'distribution' => array('desc' => 'Describes who will have access to the event.') 'distribution' => array('desc' => 'Describes who will have access to the event.')
); );
public $riskDescriptions = array( /*public $riskDescriptions = array(
'Undefined' => array('desc' => '*undefined* no risk', 'formdesc' => 'No risk'), 'Undefined' => array('desc' => '*undefined* no risk', 'formdesc' => 'No risk'),
'Low' => array('desc' => '*low* means mass-malware', 'formdesc' => 'Mass-malware'), 'Low' => array('desc' => '*low* means mass-malware', 'formdesc' => 'Mass-malware'),
'Medium' => array('desc' => '*medium* means APT malware', 'formdesc' => 'APT malware'), 'Medium' => array('desc' => '*medium* means APT malware', 'formdesc' => 'APT malware'),
'High' => array('desc' => '*high* means sophisticated APT malware or 0-day attack', 'formdesc' => 'Sophisticated APT malware or 0-day attack') 'High' => array('desc' => '*high* means sophisticated APT malware or 0-day attack', 'formdesc' => 'Sophisticated APT malware or 0-day attack')
); );*/
public $analysisDescriptions = array( public $analysisDescriptions = array(
0 => array('desc' => '*Initial* means the event has just been created', 'formdesc' => 'Creation started'), 0 => array('desc' => '*Initial* means the event has just been created', 'formdesc' => 'Creation started'),
@ -149,14 +149,14 @@ class Event extends AppModel {
//'on' => 'create', // Limit validation to 'create' or 'update' operations //'on' => 'create', // Limit validation to 'create' or 'update' operations
), ),
), ),
'risk' => array( 'threat_level_id' => array(
'rule' => array('inList', array('Undefined', 'Low','Medium','High')), 'notempty' => array(
'message' => 'Options : Undefined, Low, Medium, High', 'rule' => array('notempty'),
//'allowEmpty' => false, //'message' => 'Please specify threat level',
'required' => true, 'required' => true
//'last' => false, // Stop validation after this rule ),
//'on' => 'create', // Limit validation to 'create' or 'update' operations
), ),
'distribution' => array( 'distribution' => array(
'rule' => array('inList', array('0', '1', '2', '3')), 'rule' => array('inList', array('0', '1', '2', '3')),
'message' => 'Options : Your organisation only, This community only, Connected communities, All communities', 'message' => 'Options : Your organisation only, This community only, Connected communities, All communities',
@ -262,6 +262,10 @@ class Event extends AppModel {
'conditions' => '', 'conditions' => '',
'fields' => '', 'fields' => '',
'order' => '' 'order' => ''
),
'ThreatLevel' => array(
'className' => 'ThreatLevel',
'foreignKey' => 'threat_level_id'
) )
); );
@ -617,7 +621,7 @@ class Event extends AppModel {
$newTextBody = $response->body(); $newTextBody = $response->body();
return 404; return 404;
break; break;
case '405': case '405':
return 405; return 405;
break; break;
case '403': // Not authorised case '403': // Not authorised
@ -825,7 +829,7 @@ class Event extends AppModel {
// $conditions['AND'][] = array('Event.published =' => 1); // $conditions['AND'][] = array('Event.published =' => 1);
// do not expose all the data ... // do not expose all the data ...
$fields = array('Event.id', 'Event.org', 'Event.date', 'Event.risk', 'Event.info', 'Event.published', 'Event.uuid', 'Event.attribute_count', 'Event.analysis', 'Event.timestamp', 'Event.distribution', 'Event.proposal_email_lock', 'Event.orgc', 'Event.user_id', 'Event.locked'); $fields = array('Event.id', 'Event.org', 'Event.date', 'Event.threat_level_id', 'Event.info', 'Event.published', 'Event.uuid', 'Event.attribute_count', 'Event.analysis', 'Event.timestamp', 'Event.distribution', 'Event.proposal_email_lock', 'Event.orgc', 'Event.user_id', 'Event.locked');
$fieldsAtt = array('Attribute.id', 'Attribute.type', 'Attribute.category', 'Attribute.value', 'Attribute.to_ids', 'Attribute.uuid', 'Attribute.event_id', 'Attribute.distribution', 'Attribute.timestamp', 'Attribute.comment'); $fieldsAtt = array('Attribute.id', 'Attribute.type', 'Attribute.category', 'Attribute.value', 'Attribute.to_ids', 'Attribute.uuid', 'Attribute.event_id', 'Attribute.distribution', 'Attribute.timestamp', 'Attribute.comment');
$fieldsShadowAtt = array('ShadowAttribute.id', 'ShadowAttribute.type', 'ShadowAttribute.category', 'ShadowAttribute.value', 'ShadowAttribute.to_ids', 'ShadowAttribute.uuid', 'ShadowAttribute.event_id', 'ShadowAttribute.old_id'); $fieldsShadowAtt = array('ShadowAttribute.id', 'ShadowAttribute.type', 'ShadowAttribute.category', 'ShadowAttribute.value', 'ShadowAttribute.to_ids', 'ShadowAttribute.uuid', 'ShadowAttribute.event_id', 'ShadowAttribute.old_id');
@ -833,6 +837,9 @@ class Event extends AppModel {
'recursive' => 0, 'recursive' => 0,
'fields' => $fields, 'fields' => $fields,
'contain' => array( 'contain' => array(
'ThreatLevel' => array(
'fields' => array('ThreatLevel.name')
),
'Attribute' => array( 'Attribute' => array(
'fields' => $fieldsAtt, 'fields' => $fieldsAtt,
'conditions' => $conditionsAttributes, 'conditions' => $conditionsAttributes,
@ -867,11 +874,11 @@ class Event extends AppModel {
} }
return $results; return $results;
} }
public function csv($org, $isSiteAdmin, $eventid=0, $ignore=0, $attributeIDList = array()) { public function csv($org, $isSiteAdmin, $eventid=0, $ignore=0, $attributeIDList = array()) {
$final = array(); $final = array();
$attributeList = array(); $attributeList = array();
$conditions = array(); $conditions = array();
$econditions = array(); $econditions = array();
$this->recursive = -1; $this->recursive = -1;
// If we are not in the search result csv download function then we need to check what can be downloaded. CSV downloads are already filtered by the search function. // If we are not in the search result csv download function then we need to check what can be downloaded. CSV downloads are already filtered by the search function.
@ -931,4 +938,149 @@ class Event extends AppModel {
} }
return $attributes; return $attributes;
} }
public function sendAlertEmail($id, $org, $isSiteAdmin, $processId = null) {
$this->recursive = 1;
$event = $this->read(null, $id);
// Initialise the Job class if we have a background process ID
// This will keep updating the process's progress bar
if ($processId) {
$this->Job = ClassRegistry::init('Job');
}
// The mail body, h() is NOT needed as we are sending plain-text mails.
$body = "";
$body .= '----------------------------------------------' . "\n";
$appendlen = 20;
$body .= 'URL : ' . Configure::read('CyDefSIG.baseurl') . '/events/view/' . $event['Event']['id'] . "\n";
$body .= 'Event : ' . $event['Event']['id'] . "\n";
$body .= 'Date : ' . $event['Event']['date'] . "\n";
if ('true' == Configure::read('CyDefSIG.showorg')) {
$body .= 'Reported by : ' . $event['Event']['org'] . "\n";
}
$body .= 'Risk : ' . $event['ThreatLevel']['name'] . "\n";
$body .= 'Analysis : ' . $this->analysisLevels[$event['Event']['analysis']] . "\n";
$body .= 'Info : ' . "\n";
$body .= $event['Event']['info'] . "\n";
$user['org'] = $org;
$relatedEvents = $this->getRelatedEvents($user, $isSiteAdmin);
if (!empty($relatedEvents)) {
$body .= '----------------------------------------------' . "\n";
$body .= 'Related to : '. "\n";
foreach ($relatedEvents as &$relatedEvent) {
$body .= Configure::read('CyDefSIG.baseurl') . '/events/view/' . $relatedEvent['Event']['id'] . ' (' . $relatedEvent['Event']['date'] . ') ' ."\n";
}
$body .= '----------------------------------------------' . "\n";
}
$body .= 'Attributes :' . "\n";
$bodyTempOther = "";
if (isset($event['Attribute'])) {
foreach ($event['Attribute'] as &$attribute) {
$line = '- ' . $attribute['type'] . str_repeat(' ', $appendlen - 2 - strlen($attribute['type'])) . ': ' . $attribute['value'] . "\n";
if ('other' == $attribute['type']) // append the 'other' attribute types to the bottom.
$bodyTempOther .= $line;
else $body .= $line;
}
}
if (!empty($bodyTempOther)) {
$body .= "\n";
}
$body .= $bodyTempOther; // append the 'other' attribute types to the bottom.
$body .= '----------------------------------------------' . "\n";
// find out whether the event is private, to limit the alerted user's list to the org only
if ($event['Event']['distribution'] == 0) {
$eventIsPrivate = true;
} else {
$eventIsPrivate = false;
}
// sign the body
require_once 'Crypt/GPG.php';
try {
$gpg = new Crypt_GPG(array('homedir' => Configure::read('GnuPG.homedir'))); // , 'debug' => true
$gpg->addSignKey(Configure::read('GnuPG.email'), Configure::read('GnuPG.password'));
$bodySigned = $gpg->sign($body, Crypt_GPG::SIGN_MODE_CLEAR);
//
// Build a list of the recipients that get a non-encrypted mail
// But only do this if it is allowed in the bootstrap.php file.
//
if ($eventIsPrivate) {
$conditions = array('User.autoalert' => 1, 'User.gpgkey =' => "", 'User.org =' => $event['Event']['org']);
} else {
$conditions = array('User.autoalert' => 1, 'User.gpgkey =' => "");
}
if ('false' == Configure::read('GnuPG.onlyencrypted')) {
$alertUsers = $this->User->find('all', array(
'conditions' => $conditions,
'recursive' => 0,
));
$max = count($alertUsers);
foreach ($alertUsers as $k => &$user) {
// prepare the the unencrypted email
$Email = new CakeEmail();
$Email->from(Configure::read('CyDefSIG.email'));
$Email->to($user['User']['email']);
$Email->subject("[" . Configure::read('CyDefSIG.org') . " " . Configure::read('CyDefSIG.name') . "] Event " . $id . " - " . $event['ThreatLevel']['name'] . " - TLP Amber");
$Email->emailFormat('text'); // both text or html
// send it
$Email->send($bodySigned);
$Email->reset();
if ($processId) {
$this->Job->saveField('progress', $k / $max * 50);
}
}
}
//
// Build a list of the recipients that wish to receive encrypted mails.
//
if ($eventIsPrivate) {
$conditions = array('User.autoalert' => 1, 'User.gpgkey !=' => "", 'User.org =' => $event['Event']['org']);
} else {
$conditions = array('User.autoalert' => 1, 'User.gpgkey !=' => "");
}
$alertUsers = $this->User->find('all', array(
'conditions' => $conditions,
'recursive' => 0,
)
);
// encrypt the mail for each user and send it separately
foreach ($alertUsers as &$user) {
// send the email
$Email = new CakeEmail();
$Email->from(Configure::read('CyDefSIG.email'));
$Email->to($user['User']['email']);
$Email->subject("[" . Configure::read('CyDefSIG.org') . " " . Configure::read('CyDefSIG.name') . "] Event " . $id . " - " . $event['ThreatLevel']['name'] . " - TLP Amber");
$Email->emailFormat('text'); // both text or html
// import the key of the user into the keyring
// this is not really necessary, but it enables us to find
// the correct key-id even if it is not the same as the emailaddress
$keyImportOutput = $gpg->importKey($user['User']['gpgkey']);
// say what key should be used to encrypt
try {
$gpg = new Crypt_GPG(array('homedir' => Configure::read('GnuPG.homedir')));
$gpg->addEncryptKey($keyImportOutput['fingerprint']); // use the key that was given in the import
$bodyEncSig = $gpg->encrypt($bodySigned, true);
$Email->send($bodyEncSig);
} catch (Exception $e){
// catch errors like expired PGP keys
$this->log($e->getMessage());
// no need to return here, as we want to send out mails to the other users if GPG encryption fails for a single user
}
// If you wish to send multiple emails using a loop, you'll need
// to reset the email fields using the reset method of the Email component.
$Email->reset();
if ($processId) {
$this->Job->saveField('progress', ($k / $max * 50) + 50);
}
}
} catch (Exception $e){
// catch errors like expired PGP keys
$this->log($e->getMessage());
return $e->getMessage();
}
// LATER check if sending email succeeded and return appropriate result
return true;
}
} }


@ -66,7 +66,6 @@ class Regexp extends AppModel {
} }
public function replaceSpecific($string, $allRegexp = null, $type) { public function replaceSpecific($string, $allRegexp = null, $type) {
if(!$this->_isSiteAdmin()) $this->redirect(array('controller' => 'regexp', 'action' => 'index', 'admin' => false));
$orig = $string; $orig = $string;
foreach ($allRegexp as $regexp) { foreach ($allRegexp as $regexp) {
if (strlen($regexp['Regexp']['replacement']) && strlen($regexp['Regexp']['regexp']) && ($regexp['Regexp']['type'] === 'ALL' || $regexp['Regexp']['type'] === $type)) { if (strlen($regexp['Regexp']['replacement']) && strlen($regexp['Regexp']['regexp']) && ($regexp['Regexp']['type'] === 'ALL' || $regexp['Regexp']['type'] === $type)) {

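--- a/app/Model/ThreatLevel.php
+++ b/app/Model/ThreatLevel.php
@@ -0,0 +1,39 @@
+<?php
+App::uses('AppModel', 'Model');
+class ThreatLevel extends AppModel {
+public $validate = array(
+'name' => array(
+'notEmpty' => array(
+'rule' => array('notEmpty'),
+'required' => true
+),
+),
+'description' => array(
+'notEmpty' => array(
+'rule' => array('notEmpty'),
+),
+),
+'form_description' => array(
+'notEmpty' => array(
+'rule' => array('notEmpty'),
+'required' => true
+),
+),
+);
+/**
+* hasMany associations
+*
+* @var array
+*/
+/*public $hasMany = array(
+'Event' => array(
+'className' => 'Event',
+'foreignKey' => 'threat_level_id',
+'dependent' => false,
+)
+);*/
+}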
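Review bot: The `hasMany associations` docblock at the end of the class is attached to a property that is commented out, so the class documents an association it does not declare. Either delete the docblock together with the dead `/*public $hasMany = …*/` block or enable the association; the views elsewhere in this commit read `$event['ThreatLevel']['name']`, which presumably relies on the inverse `belongsTo` on Event rather than on this one. The `description` rule also omits `'required' => true`, unlike `name` and `form_description`; if that is deliberate, a comment such as `// description is optional; only rejected when submitted empty` would say so.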


@ -0,0 +1,47 @@
<?php
App::uses('ThreatLevel', 'Model');
/**
* ThreatLevel Test Case
*
*/
class ThreatLevelTest extends CakeTestCase {
/**
* Fixtures
*
* @var array
*/
public $fixtures = array(
'app.threat_level',
'app.event',
'app.user',
'app.role',
'app.post',
'app.thread',
'app.attribute',
'app.shadow_attribute'
);
/**
* setUp method
*
* @return void
*/
public function setUp() {
parent::setUp();
$this->ThreatLevel = ClassRegistry::init('ThreatLevel');
}
/**
* tearDown method
*
* @return void
*/
public function tearDown() {
unset($this->ThreatLevel);
parent::tearDown();
}
}
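Review bot: ThreatLevelTest declares fixtures, `setUp()` and `tearDown()` but no `test*` method, so the suite exercises nothing and the validation rules added to the ThreatLevel model in this commit stay unverified. A first test could assert that a record without `name` fails validation, as sketched below. The fixture list also loads seven tables besides `app.threat_level`; those can be dropped until a test needs them.

```php
class ThreatLevelTest extends CakeTestCase {
	// … unchanged: $fixtures, setUp(), tearDown() …

	public function testNameIsRequired() {
		$this->ThreatLevel->create();
		$this->ThreatLevel->set(array('form_description' => 'No risk'));
		$this->assertFalse($this->ThreatLevel->validates());
		$this->assertArrayHasKey('name', $this->ThreatLevel->validationErrors);
	}
```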


@ -0,0 +1,56 @@
<?php
/**
* ThreatLevelFixture
*
*/
class ThreatLevelFixture extends CakeTestFixture {
/**
* Fields
*
* @var array
*/
public $fields = array(
'id' => array('type' => 'boolean', 'null' => false, 'default' => null, 'key' => 'primary'),
'name' => array('type' => 'string', 'null' => false, 'length' => 50, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'description' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'form_description' => array('type' => 'string', 'null' => false, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'indexes' => array(
'PRIMARY' => array('column' => 'id', 'unique' => 1)
),
'tableParameters' => array('charset' => 'latin1', 'collate' => 'latin1_swedish_ci', 'engine' => 'InnoDB')
);
/**
* Records
*
* @var array
*/
public $records = array(
array(
'id' => 1,
'name' => 'High',
'description' => '*high* means sophisticated APT malware or 0-day attack',
'form_description' => 'Sophisticated APT malware or 0-day attack'
),
array(
'id' => 2,
'name' => 'Medium',
'description' => '*medium* means APT malware',
'form_description' => 'APT malware'
),
array(
'id' => 3,
'name' => 'Low',
'description' => '*low* means mass-malware',
'form_description' => 'Mass-malware'
),
array(
'id' => 4,
'name' => 'Undefined',
'description' => '*undefined* no risk',
'form_description' => 'No risk'
),
);
}
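Review bot: The `id` field is declared as `'type' => 'boolean'` while the records below use ids 1 to 4. CakePHP will most likely cast those values to 0/1 when inserting the fixture, which would collapse ids 2–4 onto 1 and violate the primary key; `'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),` avoids that. The column-level `utf8`/`utf8_bin` settings also disagree with the `latin1` table parameters, which looks like an artefact of generating the fixture from a local table and is worth aligning with the install schema.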


@ -0,0 +1,5 @@
<?php
foreach ($attributes as $attribute) {
echo $attribute['Attribute']['value'];
echo PHP_EOL;
}
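Review bot: Each `$attribute['Attribute']['value']` is echoed verbatim, so the safety of this export depends on the response being served as `text/plain`, which this view does not show. If the controller does not set the type and layout, a value containing markup would be rendered by the browser; a value containing a line break would also split into several entries for whatever tool consumes the list. A header comment such as `// plain-text export: the controller must send text/plain and an empty layout` documents the requirement, and stripping `\r`/`\n` from each value before printing keeps one indicator per line.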


@ -2,7 +2,13 @@
<div class="navbar navbar-inverse" style="padding-left:20px;"> <div class="navbar navbar-inverse" style="padding-left:20px;">
<div class="navbar-inner row"> <div class="navbar-inner row">
<div class="pull-left footerText" style="float:left;position:absolute;padding-top:12px;z-index:2;"> <div class="pull-left footerText" style="float:left;position:absolute;padding-top:12px;z-index:2;">
<span>Download: <?php echo $this->Html->link('PGP/GPG key', '/gpg.asc');?></span> <?php
$gpgpath = ROOT.DS.APP_DIR.DS.WEBROOT_DIR.DS.'gpg.asc';
if(file_exists($gpgpath) && is_file($gpgpath)){ ?>
<span>Download: <?php echo $this->Html->link('PGP/GPG key', $this->webroot.'gpg.asc');?></span>
<?php }else{ ?>
<span>Could not locate the PGP/GPG public key.</span>
<?php } ?>
</div> </div>
<div class = "footerText footerCenterText"> <div class = "footerText footerCenterText">
<span> <?php if (isset($me)) echo Configure::read('CyDefSIG.footerversion'); else echo Configure::read('CyDefSIG.footer')?></span> <span> <?php if (isset($me)) echo Configure::read('CyDefSIG.footerversion'); else echo Configure::read('CyDefSIG.footer')?></span>
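Review bot: `$this->Html->link('PGP/GPG key', $this->webroot.'gpg.asc')` passes a string that already contains the application base path to a helper that prepends the base path to root-relative URLs, so on an installation in a sub-directory the link likely points at a doubled prefix. The previous `'/gpg.asc'` argument was the portable form and can stay inside the new `file_exists()` guard: `<?php echo $this->Html->link('PGP/GPG key', '/gpg.asc');?>`. The path check can also be shortened with CakePHP's `WWW_ROOT` constant, `$gpgpath = WWW_ROOT . 'gpg.asc';`. The enclosing footer markup continues outside this hunk.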


@ -91,10 +91,14 @@
<?php endif; ?> <?php endif; ?>
<li><a href="/admin/roles/index">List Roles</a></li> <li><a href="/admin/roles/index">List Roles</a></li>
<?php if($isSiteAdmin): ?> <?php if($isSiteAdmin): ?>
<li class="divider"></li> <li class="divider"></li>
<li><a href="/admin/users/email">Contact Users</a></li> <li><a href="/admin/users/email">Contact Users</a></li>
<li class="divider"></li> <li class="divider"></li>
<li><a href="/pages/display/administration">Administrative tools</a></li> <li><a href="/pages/display/administration">Administrative tools</a></li>
<?php if (Configure::read('MISP.background_jobs')): ?>
<li class="divider"></li>
<li><a href="/jobs/index">Jobs</a></li>
<?php endif; ?>
<?php endif; ?> <?php endif; ?>
</ul> </ul>
</li> </li>


@ -133,6 +133,8 @@
<li class="divider"></li> <li class="divider"></li>
<li <?php if ($menuItem === 'contact') echo 'class="active";'?>><?php echo $this->Html->link('Contact users', array('controller' => 'users', 'action' => 'email', 'admin' => true)); ?> </li> <li <?php if ($menuItem === 'contact') echo 'class="active";'?>><?php echo $this->Html->link('Contact users', array('controller' => 'users', 'action' => 'email', 'admin' => true)); ?> </li>
<li <?php if ($menuItem === 'adminTools') echo 'class="active";'?>><a href="/pages/display/administration">Administrative tools</a></li> <li <?php if ($menuItem === 'adminTools') echo 'class="active";'?>><a href="/pages/display/administration">Administrative tools</a></li>
<li class="divider"></li>
<li <?php if ($menuItem === 'jobs') echo 'class="active";'?>><a href="/jobs/index">Jobs</a></li>
<?php endif; <?php endif;
break; break;
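Review bot: The Jobs entry added here is shown to every site admin, whereas the top-menu hunk earlier in this commit wraps the same link in `<?php if (Configure::read('MISP.background_jobs')): ?>`. With background jobs switched off the side menu would still lead to `/jobs/index`; the same guard belongs around the two added `<li>` lines. The added `echo 'class="active";'` also emits a stray semicolon into the tag, copied from the neighbouring entries. The surrounding `switch` starts and ends outside the hunk.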


@ -18,7 +18,7 @@
'selected' => $initialDistribution, 'selected' => $initialDistribution,
)); ));
} }
echo $this->Form->input('risk', array( echo $this->Form->input('threat_level_id', array(
'div' => 'input clear' 'div' => 'input clear'
)); ));
echo $this->Form->input('analysis', array( echo $this->Form->input('analysis', array(
@ -41,7 +41,7 @@ echo $this->Form->end();
?> ?>
</div> </div>
<?php <?php
echo $this->element('side_menu', array('menuList' => 'event-collection', 'menuItem' => 'add')); echo $this->element('side_menu', array('menuList' => 'event-collection', 'menuItem' => 'add'));
?> ?>
@ -51,7 +51,7 @@ echo $this->Form->end();
// //
var formInfoValues = { var formInfoValues = {
'EventDistribution' : new Array(), 'EventDistribution' : new Array(),
'EventRisk' : new Array(), 'EventThreatLevelId' : new Array(),
'EventAnalysis' : new Array() 'EventAnalysis' : new Array()
}; };
@ -61,8 +61,7 @@ foreach ($distributionDescriptions as $type => $def) {
echo "formInfoValues['EventDistribution']['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes echo "formInfoValues['EventDistribution']['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
} }
foreach ($riskDescriptions as $type => $def) { foreach ($riskDescriptions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc']; echo "formInfoValues['EventThreatLevelId']['" . addslashes($type) . "'] = \"" . addslashes($def) . "\";\n"; // as we output JS code we need to add slashes
echo "formInfoValues['EventRisk']['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
} }
foreach ($analysisDescriptions as $type => $def) { foreach ($analysisDescriptions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc']; $info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
@ -72,11 +71,11 @@ foreach ($analysisDescriptions as $type => $def) {
$(document).ready(function() { $(document).ready(function() {
$("#EventAnalysis, #EventRisk, #EventDistribution").on('mouseleave', function(e) { $("#EventAnalysis, #EventThreatLevelId, #EventDistribution").on('mouseleave', function(e) {
$('#'+e.currentTarget.id).popover('destroy'); $('#'+e.currentTarget.id).popover('destroy');
}); });
$("#EventAnalysis, #EventRisk, #EventDistribution").on('mouseover', function(e) { $("#EventAnalysis, #EventThreatLevelId, #EventDistribution").on('mouseover', function(e) {
var $e = $(e.target); var $e = $(e.target);
if ($e.is('option')) { if ($e.is('option')) {
$('#'+e.currentTarget.id).popover('destroy'); $('#'+e.currentTarget.id).popover('destroy');
@ -91,7 +90,7 @@ $(document).ready(function() {
// workaround for browsers like IE and Chrome that do now have an onmouseover on the 'options' of a select. // workaround for browsers like IE and Chrome that do now have an onmouseover on the 'options' of a select.
// disadvangate is that user needs to click on the item to see the tooltip. // disadvangate is that user needs to click on the item to see the tooltip.
// no solutions exist, except to generate the select completely using html. // no solutions exist, except to generate the select completely using html.
$("#EventAnalysis, #EventRisk, #EventDistribution").on('change', function(e) { $("#EventAnalysis, #EventThreatLevelId, #EventDistribution").on('change', function(e) {
var $e = $(e.target); var $e = $(e.target);
$('#'+e.currentTarget.id).popover('destroy'); $('#'+e.currentTarget.id).popover('destroy');
$('#'+e.currentTarget.id).popover({ $('#'+e.currentTarget.id).popover({
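Review bot: In the `@ -61,8 +61,7 @` hunk the threat-level descriptions are written into the inline script with `addslashes()`, which is not a JavaScript string encoder: a line break or a `</script>` sequence in `$def` passes through unchanged. That mattered less while the texts were fixed strings in the model, but they now appear to come from the threat_levels table, so they are data rather than code. `json_encode()` produces a complete, safely quoted literal: `echo "formInfoValues['EventThreatLevelId'][" . json_encode((string)$type) . "] = " . json_encode($def) . ";\n";`. The edit form in the next file section carries the same line in its `@ -52,8 +52,7 @` hunk.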


@ -14,7 +14,7 @@ if ('true' == Configure::read('CyDefSIG.sync')) {
'label' => 'Distribution', 'label' => 'Distribution',
)); ));
} }
echo $this->Form->input('risk', array( echo $this->Form->input('threat_level_id', array(
'div' => 'input clear' 'div' => 'input clear'
)); ));
echo $this->Form->input('analysis', array( echo $this->Form->input('analysis', array(
@ -32,7 +32,7 @@ echo $this->Form->button('Submit', array('class' => 'btn btn-primary'));
echo $this->Form->end(); echo $this->Form->end();
?> ?>
</div> </div>
<?php <?php
echo $this->element('side_menu', array('menuList' => 'event', 'menuItem' => 'editEvent')); echo $this->element('side_menu', array('menuList' => 'event', 'menuItem' => 'editEvent'));
?> ?>
@ -42,7 +42,7 @@ echo $this->Form->end();
// //
var formInfoValues = { var formInfoValues = {
'EventDistribution' : new Array(), 'EventDistribution' : new Array(),
'EventRisk' : new Array(), 'EventThreatLevelId' : new Array(),
'EventAnalysis' : new Array() 'EventAnalysis' : new Array()
}; };
@ -52,8 +52,7 @@ foreach ($distributionDescriptions as $type => $def) {
echo "formInfoValues['EventDistribution']['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes echo "formInfoValues['EventDistribution']['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
} }
foreach ($riskDescriptions as $type => $def) { foreach ($riskDescriptions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc']; echo "formInfoValues['EventThreatLevelId']['" . addslashes($type) . "'] = \"" . addslashes($def) . "\";\n"; // as we output JS code we need to add slashes
echo "formInfoValues['EventRisk']['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
} }
foreach ($analysisDescriptions as $type => $def) { foreach ($analysisDescriptions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc']; $info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
@ -63,11 +62,11 @@ foreach ($analysisDescriptions as $type => $def) {
$(document).ready(function() { $(document).ready(function() {
$("#EventAnalysis, #EventRisk, #EventDistribution").on('mouseleave', function(e) { $("#EventAnalysis, #EventThreatLevelId, #EventDistribution").on('mouseleave', function(e) {
$('#'+e.currentTarget.id).popover('destroy'); $('#'+e.currentTarget.id).popover('destroy');
}); });
$("#EventAnalysis, #EventRisk, #EventDistribution").on('mouseover', function(e) { $("#EventAnalysis, #EventThreatLevelId, #EventDistribution").on('mouseover', function(e) {
var $e = $(e.target); var $e = $(e.target);
if ($e.is('option')) { if ($e.is('option')) {
$('#'+e.currentTarget.id).popover('destroy'); $('#'+e.currentTarget.id).popover('destroy');
@ -82,7 +81,7 @@ $(document).ready(function() {
// workaround for browsers like IE and Chrome that do now have an onmouseover on the 'options' of a select. // workaround for browsers like IE and Chrome that do now have an onmouseover on the 'options' of a select.
// disadvangate is that user needs to click on the item to see the tooltip. // disadvangate is that user needs to click on the item to see the tooltip.
// no solutions exist, except to generate the select completely using html. // no solutions exist, except to generate the select completely using html.
$("#EventAnalysis, #EventRisk, #EventDistribution").on('change', function(e) { $("#EventAnalysis, #EventThreatLevelId, #EventDistribution").on('change', function(e) {
var $e = $(e.target); var $e = $(e.target);
$('#'+e.currentTarget.id).popover('destroy'); $('#'+e.currentTarget.id).popover('destroy');
$('#'+e.currentTarget.id).popover({ $('#'+e.currentTarget.id).popover({


@ -128,6 +128,9 @@
editMessage(i, "Completed."); editMessage(i, "Completed.");
updateOutdated(i); updateOutdated(i);
} }
if (data == -1) {
alert("Warning, the background worker is not responding!");
}
}); });
} }

View File

@ -0,0 +1,81 @@
<div class="event index">
<h2>Export</h2>
<p>Export functionality is designed to automatically generate signatures for intrusion detection systems. To enable signature generation for a given attribute, Signature field of this attribute must be set to Yes.
Note that not all attribute types are applicable for signature generation, currently we only support NIDS signature generation for IP, domains, host names, user agents etc., and hash list generation for MD5/SHA1 values of file artifacts. Support for more attribute types is planned.
<br/>
<p>Simply click on any of the following buttons to download the appropriate data.</p>
<div class="row bottom-buffer">
<div class="span3">
<?php echo $this->Html->link('Download all as XML', array('action' => 'xml', 'download'), array('class' => 'btn btn-block full-width')); ?>
</div>
<div class="span9">Click this to download all events and attributes that you have access to <small>(except file attachments)</small> in a custom XML format.
</div>
</div>
<div class="row bottom-buffer">
<div class="span3">
<?php echo $this->Html->link('Download all signatures as CSV', array('action' => 'csv', 'download'), array('class' => 'btn btn-block full-width')); ?>
</div>
<div class="span9">Click this to download all attributes that are indicators and that you have access to <small>(except file attachments)</small> in CSV format.
</div>
</div>
<div class="row bottom-buffer">
<div class="span3">
<?php echo $this->Html->link('Download all as CSV', array('action' => 'csv', 'download', '0','1'), array('class' => 'btn btn-block full-width')); ?>
</div>
<div class="span9">Click this to download all attributes that you have access to <small>(except file attachments)</small> in CSV format.
</div>
</div>
<div class="row bottom-buffer">
<div class="span3">
<?php echo $this->Html->link('Download NIDS signatures', array('action' => 'nids', 'download'), array('class' => 'btn btn-block full-width')); ?>
</div>
<div class="span9">Click this to download all network related attributes that you
have access to under the Snort rule format. Only <em>published</em>
events and attributes marked as <em>IDS Signature</em> are exported.
Administration is able to maintain a whitelist containing host,
domain name and IP numbers to exclude from the NIDS export.
</div>
</div>
<div class="row bottom-buffer">
<div class="span3">
<?php echo $this->Html->link('Download all MD5 hashes', array('action' => 'hids', 'md5','download'), array('class' => 'btn btn-block full-width')); ?>
<?php echo $this->Html->link('Download all SHA1 hashes', array('action' => 'hids', 'sha1','download'), array('class' => 'btn btn-block full-width')); ?>
</div>
<div class="span9">Click on one of these two buttons to download all MD5 or SHA1
checksums contained in file-related attributes. This list can be
used to feed forensic software when searching for susipicious files.
Only <em>published</em> events and attributes marked as <em>IDS
Signature</em> are exported.
</div>
</div>
<p>
Click on one of these buttons to download all the attributes with the matching type. This list can be used to feed forensic software when searching for susipicious files. Only <em>published</em> events and attributes marked as <em>IDS Signature</em> are exported.
</p>
<ul class="inline">
<?php
foreach ($sigTypes as $sigType): ?>
<li class="actions" style="text-align:center; width: auto; padding: 7px 2px;">
<?php echo $this->Html->link($sigType, array('action' => 'text', 'download' ,$sigType), array('class' => 'btn')) ?>
</li>
<?php endforeach; ?>
</ul>
</div>
<div class="actions <?php echo $debugMode;?>">
<ul class="nav nav-list">
<li><a href="/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li><a href="/events/add">Add Event</a></li>
<?php endif; ?>
<li class="divider"></li>
<li><a href="/attributes/index">List Attributes</a></li>
<li><a href="/attributes/search">Search Attributes</a></li>
<li class="divider"></li>
<li class="active"><a href="/events/export">Export</a></li>
<?php if ($isAclAuth): ?>
<li><a href="/events/automation">Automation</a></li>
<?php endif;?>
</ul>
</div>
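Review bot: The introductory `<p>` opened after the `<h2>` is never closed before the next `<p>` starts, and "susipicious" is misspelled in both hash-export descriptions. Closing the first paragraph and correcting the word to "suspicious" is enough. The side-menu links at the bottom are hard-coded as `/events/index`, `/attributes/search` and so on, unlike the `$this->Html->link()` calls above them, so they would ignore the application base path on a sub-directory install.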


@ -100,18 +100,18 @@
<span id="searchorg"><br/> <span id="searchorg"><br/>
<?php <?php
echo $this->Form->create('', array('action' => 'index', 'style' => 'margin-bottom:0px')); echo $this->Form->create('', array('action' => 'index', 'style' => 'margin-bottom:0px'));
echo $this->Form->input('searchpublished', array('value' => $this->passedArgs['searchpublished'], 'type' => 'hidden')); echo $this->Form->input('searchpublished', array('value' => $this->passedArgs['searchpublished'], 'type' => 'hidden'));
echo $this->Form->input('searchinfo', array('value' => $this->passedArgs['searchinfo'], 'type' => 'hidden')); echo $this->Form->input('searchinfo', array('value' => $this->passedArgs['searchinfo'], 'type' => 'hidden'));
echo $this->Form->input('searchDatefrom', array('value' => $this->passedArgs['searchDatefrom'], 'type' => 'hidden')); echo $this->Form->input('searchDatefrom', array('value' => $this->passedArgs['searchDatefrom'], 'type' => 'hidden'));
echo $this->Form->input('searchDateuntil', array('value' => $this->passedArgs['searchDateuntil'], 'type' => 'hidden')); echo $this->Form->input('searchDateuntil', array('value' => $this->passedArgs['searchDateuntil'], 'type' => 'hidden'));
echo $this->Form->input('searchorg', array( echo $this->Form->input('searchorg', array(
'value' => $this->passedArgs['searchorg'], 'value' => $this->passedArgs['searchorg'],
'label' => '', 'label' => '',
'class' => 'input-mini')); 'class' => 'input-mini'));
?> ?>
<input type="submit" style="visibility:collapse;" /> <input type="submit" style="visibility:collapse;" />
<?php <?php
echo $this->Form->end(); echo $this->Form->end();
?> ?>
</span> </span>
</th> </th>
@ -135,8 +135,8 @@
<div id="searchdate" class="input-append input-prepend"> <div id="searchdate" class="input-append input-prepend">
<?php <?php
echo $this->Form->create('', array('action' => 'index', 'style' => 'margin-bottom:0px')); echo $this->Form->create('', array('action' => 'index', 'style' => 'margin-bottom:0px'));
echo $this->Form->input('searchorg', array('value' => $this->passedArgs['searchorg'], 'type' => 'hidden')); echo $this->Form->input('searchorg', array('value' => $this->passedArgs['searchorg'], 'type' => 'hidden'));
echo $this->Form->input('searchinfo', array('value' => $this->passedArgs['searchinfo'], 'type' => 'hidden')); echo $this->Form->input('searchinfo', array('value' => $this->passedArgs['searchinfo'], 'type' => 'hidden'));
echo $this->Form->input('searchpublished', array('value' => $this->passedArgs['searchpublished'], 'type' => 'hidden')); echo $this->Form->input('searchpublished', array('value' => $this->passedArgs['searchpublished'], 'type' => 'hidden'));
echo $this->Form->input('searchDatefrom', array( echo $this->Form->input('searchDatefrom', array(
'value' => $this->passedArgs['searchDatefrom'], 'value' => $this->passedArgs['searchDatefrom'],
@ -153,15 +153,15 @@
'class' => 'span1 datepicker', 'class' => 'span1 datepicker',
'div' => false 'div' => false
)); ));
?> ?>
<input type="submit" style="visibility:collapse;" /> <input type="submit" style="visibility:collapse;" />
<?php <?php
echo $this->Form->end(); echo $this->Form->end();
?> ?>
</div> </div>
</th> </th>
<th title="<?php echo $eventDescriptions['risk']['desc'];?>"> <th title="<?php echo $eventDescriptions['threat_level_id']['desc'];?>">
<?php echo $this->Paginator->sort('risk');?> <?php echo $this->Paginator->sort('threat_level_id');?>
</th> </th>
<th title="<?php echo $eventDescriptions['analysis']['desc'];?>"> <th title="<?php echo $eventDescriptions['analysis']['desc'];?>">
<?php echo $this->Paginator->sort('analysis');?> <?php echo $this->Paginator->sort('analysis');?>
@ -172,18 +172,18 @@
<span id="searchinfo"><br/> <span id="searchinfo"><br/>
<?php <?php
echo $this->Form->create('', array('action' => 'index', 'style' => 'margin-bottom:0px')); echo $this->Form->create('', array('action' => 'index', 'style' => 'margin-bottom:0px'));
echo $this->Form->input('searchorg', array('value' => $this->passedArgs['searchorg'], 'type' => 'hidden')); echo $this->Form->input('searchorg', array('value' => $this->passedArgs['searchorg'], 'type' => 'hidden'));
echo $this->Form->input('searchpublished', array('value' => $this->passedArgs['searchpublished'], 'type' => 'hidden')); echo $this->Form->input('searchpublished', array('value' => $this->passedArgs['searchpublished'], 'type' => 'hidden'));
echo $this->Form->input('searchDatefrom', array('value' => $this->passedArgs['searchDatefrom'], 'type' => 'hidden')); echo $this->Form->input('searchDatefrom', array('value' => $this->passedArgs['searchDatefrom'], 'type' => 'hidden'));
echo $this->Form->input('searchDateuntil', array('value' => $this->passedArgs['searchDateuntil'], 'type' => 'hidden')); echo $this->Form->input('searchDateuntil', array('value' => $this->passedArgs['searchDateuntil'], 'type' => 'hidden'));
echo $this->Form->input('searchinfo', array( echo $this->Form->input('searchinfo', array(
'value' => $this->passedArgs['searchinfo'], 'value' => $this->passedArgs['searchinfo'],
'label' => '', 'label' => '',
'class' => 'input-large')); 'class' => 'input-large'));
?> ?>
<input type="submit" style="visibility:collapse;" /> <input type="submit" style="visibility:collapse;" />
<?php <?php
echo $this->Form->end(); echo $this->Form->end();
?> ?>
</span> </span>
</th> </th>
@ -246,7 +246,7 @@
<?php echo $event['Event']['date']; ?>&nbsp; <?php echo $event['Event']['date']; ?>&nbsp;
</td> </td>
<td class="short" onclick="location.href ='/events/view/<?php echo $event['Event']['id'];?>'"> <td class="short" onclick="location.href ='/events/view/<?php echo $event['Event']['id'];?>'">
<?php echo $event['Event']['risk']; ?>&nbsp; <?php echo $event['ThreatLevel']['name']; ?>&nbsp;
</td> </td>
<td class="short" onclick="location.href ='/events/view/<?php echo $event['Event']['id'];?>'"> <td class="short" onclick="location.href ='/events/view/<?php echo $event['Event']['id'];?>'">
<?php echo $analysisLevels[$event['Event']['analysis']]; ?>&nbsp; <?php echo $analysisLevels[$event['Event']['analysis']]; ?>&nbsp;
@ -294,7 +294,7 @@
</ul> </ul>
</div> </div>
</div> </div>
<?php <?php
echo $this->element('side_menu', array('menuList' => 'event-collection', 'menuItem' => 'index')); echo $this->element('side_menu', array('menuList' => 'event-collection', 'menuItem' => 'index'));
?> ?>
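Review bot: The threat-level cell prints `$event['ThreatLevel']['name']` without `h()`, and the column header writes `$eventDescriptions['threat_level_id']['desc']` into a `title` attribute unescaped. The name is now a database value rather than a fixed list entry, and the event view in this same commit already escapes it; the cell should read `<?php echo h($event['ThreatLevel']['name']); ?>&nbsp;`. The enclosing table and loop begin and end outside the hunks shown.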


@ -0,0 +1,17 @@
<?php
foreach ($events as $key => &$event) {
// rearrange things to be compatible with the Xml::fromArray()
$events[$key] = $events[$key]['Event'];
unset($events[$key]['Event']);
// cleanup the array from things we do not want to expose
unset($events[$key]['user_id']);
// hide the org field is we are not in showorg mode
if ('true' != Configure::read('CyDefSIG.showorg') && !$isAdmin) {
unset($events[$key]['org']);
unset($events[$key]['orgc']);
unset($events[$key]['from']);
}
}
echo json_encode($events);
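Review bot: The loop removes `user_id` and, conditionally, `org`/`orgc`/`from`, then serialises whatever else the query returned, so any column later added to events is exposed through this endpoint by default. Building the output from an explicit list of permitted keys (for instance with `array_intersect_key()`) makes disclosure opt-in. `$event` is also bound by reference but never used or unset, and `unset($events[$key]['Event'])` runs after the element has already been replaced by its `Event` sub-array, so it has no visible effect; iterating over `array_keys($events)` avoids the dangling reference.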


@ -0,0 +1,36 @@
<?php
$event['Event']['Attribute'] = $event['Attribute'];
unset($event['Attribute']);
$event['Event']['ShadowAttribute'] = $event['ShadowAttribute'];
unset($event['ShadowAttribute']);
unset($event['Event']['user_id']);
// hide the org field is we are not in showorg mode
if ('true' != Configure::read('CyDefSIG.showorg') && !$isAdmin) {
unset($event['Event']['org']);
unset($event['Event']['orgc']);
unset($event['Event']['from']);
}
// remove value1 and value2 from the output
foreach ($event['Event']['Attribute'] as $key => $value) {
unset($event['Event']['Attribute'][$key]['value1']);
unset($event['Event']['Attribute'][$key]['value2']);
unset($event['Event']['Attribute'][$key]['category_order']);
}
if (isset($event['Event']['RelatedEvent'])) {
foreach ($event['Event']['RelatedEvent'] as $key => $value) {
unset($event['Event']['RelatedEvent'][$key]['user_id']);
if ('true' != Configure::read('CyDefSIG.showorg') && !$isAdmin) {
unset($event['Event']['RelatedEvent'][$key]['org']);
unset($event['Event']['RelatedEvent'][$key]['orgc']);
}
}
}
if (isset($relatedEvents)) {
foreach ($relatedEvents as $relatedEvent) {
$event['Event']['RelatedEvent'][] = $relatedEvent['Event'];
}
}
echo json_encode($event);
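Review bot: Entries taken from `$relatedEvents` are appended to `$event['Event']['RelatedEvent']` after the loop that strips `user_id`, `org` and `orgc`, so those related events reach `json_encode()` unfiltered even when `CyDefSIG.showorg` is off for a non-admin. Moving the `if (isset($relatedEvents)) { … }` block above the `if (isset($event['Event']['RelatedEvent']))` loop lets the existing scrubbing cover them. `ShadowAttribute` entries are copied into the output without the `value1`/`value2` removal applied to `Attribute`; whether they carry those fields is not visible here and is worth confirming.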


@ -2,7 +2,7 @@
$mayModify = (($isAclModify && $event['Event']['user_id'] == $me['id']) || ($isAclModifyOrg && $event['Event']['orgc'] == $me['org'])); $mayModify = (($isAclModify && $event['Event']['user_id'] == $me['id']) || ($isAclModifyOrg && $event['Event']['orgc'] == $me['org']));
$mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']); $mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
?> ?>
<?php <?php
echo $this->element('side_menu', array('menuList' => 'event', 'menuItem' => 'viewEvent')); echo $this->element('side_menu', array('menuList' => 'event', 'menuItem' => 'viewEvent'));
?> ?>
@ -54,9 +54,9 @@ $mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
<?php echo h($event['Event']['date']); ?> <?php echo h($event['Event']['date']); ?>
&nbsp; &nbsp;
</dd> </dd>
<dt title="<?php echo $eventDescriptions['risk']['desc'];?>">Risk</dt> <dt title="<?php echo $eventDescriptions['threat_level_id']['desc'];?>">Risk</dt>
<dd> <dd>
<?php echo h($event['Event']['risk']); ?> <?php echo h($event['ThreatLevel']['name']); ?>
&nbsp; &nbsp;
</dd> </dd>
<dt title="<?php echo $eventDescriptions['analysis']['desc'];?>">Analysis</dt> <dt title="<?php echo $eventDescriptions['analysis']['desc'];?>">Analysis</dt>
@ -203,7 +203,7 @@ if (!empty($event['Attribute'])):?>
$first = 0; $first = 0;
?> ?>
<ul class="inline" style="margin:0px;"> <ul class="inline" style="margin:0px;">
<?php <?php
if (isset($relatedAttributes[$attribute['id']]) && (null != $relatedAttributes[$attribute['id']])) { if (isset($relatedAttributes[$attribute['id']]) && (null != $relatedAttributes[$attribute['id']])) {
foreach ($relatedAttributes[$attribute['id']] as $relatedAttribute) { foreach ($relatedAttributes[$attribute['id']] as $relatedAttribute) {
echo '<li style="padding-right: 0px; padding-left:0px;" title ="' . h($relatedAttribute['info']) . '"><span>'; echo '<li style="padding-right: 0px; padding-left:0px;" title ="' . h($relatedAttribute['info']) . '"><span>';
@ -394,7 +394,7 @@ if (!empty($event['Attribute'])):?>
endif; ?> endif; ?>
</div> </div>
<div id="discussions_div"> <div id="discussions_div">
<?php <?php
echo $this->element('eventdiscussion'); echo $this->element('eventdiscussion');
?> ?>
</div> </div>


@ -95,5 +95,7 @@ endforeach; ?>
</ul> </ul>
</div> </div>
<?php
echo $this->element('side_menu', array('menuList' => 'admin', 'menuItem' => 'jobs'));
?>


@ -112,7 +112,7 @@ if (h($user['User']['change_pw']) == 1) {
</td> </td>
<td><?php echo h($event['id']);?></td> <td><?php echo h($event['id']);?></td>
<td><?php echo h($event['date']);?></td> <td><?php echo h($event['date']);?></td>
<td><?php echo h($event['risk']);?></td> <td><?php echo h($event['threat_level_id']);?></td>
<td><?php echo h($event['info']);?></td> <td><?php echo h($event['info']);?></td>
<td><?php echo h($event['uuid']);?></td> <td><?php echo h($event['uuid']);?></td>
<td><?php echo h($event['distribution']);?></td> <td><?php echo h($event['distribution']);?></td>
@ -131,6 +131,6 @@ if (h($user['User']['change_pw']) == 1) {
endif; ?> endif; ?>
</div> </div>
</div> </div>
<?php <?php
echo $this->element('side_menu', array('menuList' => 'admin', 'menuItem' => 'viewUser')); echo $this->element('side_menu', array('menuList' => 'admin', 'menuItem' => 'viewUser'));
?> ?>


@ -1,2 +1,5 @@
curl -i -H "Accept: application/xml" -H "content-type: text/xml" -H "Authorization: vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb" \ curl -i -H "Accept: application/xml" -H "content-type: text/xml" -H "Authorization: vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb" \
--data "@input/event.xml" -X POST http://localhost/events --data "@input/event.xml" -X POST http://localhost/events
#curl -i -H "Accept: application/json" -H "content-type: text/json" -H "Authorization: vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb" \
#--data "@input/event.json" -X POST http://localhost/events
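Review bot: The added JSON variant copies a literal `Authorization` key into a tracked script, as the XML call above it already does; the same applies to the other curl scripts in this commit (the `events/$1` POST, the `events` GET and the `localhost:8888/events/$1` GET). Read the key from the environment instead, e.g. `-H "Authorization: ${MISP_AUTHKEY:?set MISP_AUTHKEY}"` (the variable name is illustrative), and rotate the committed values if they were ever valid on a reachable instance. Separately, `content-type: text/json` is not the registered JSON media type; `application/json` is the safer choice unless the server is known to map `text/json` to its JSON parser.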


@ -4,3 +4,6 @@
# POST can be used as well.. # POST can be used as well..
curl -i -H "Accept: application/xml" -H "content-type: text/xml" -H "Authorization: vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb" \ curl -i -H "Accept: application/xml" -H "content-type: text/xml" -H "Authorization: vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb" \
--data "@input/event.xml" -X POST http://localhost/events/$1 --data "@input/event.xml" -X POST http://localhost/events/$1
#curl -i -H "Accept: application/json" -H "content-type: text/json" -H "Authorization: vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb" \
#--data "@input/event.json" -X POST http://localhost/events/$1


@ -1,2 +1,5 @@
curl -H "Accept: application/xml" -H "Authorization: vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb" \ curl -H "Accept: application/xml" -H "Authorization: vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb" \
-X GET http://localhost/events -X GET http://localhost/events
#curl -H "Accept: application/json" -H "Authorization: vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb" \
#-X GET http://localhost/events


@ -0,0 +1,66 @@
{
"Event": {
"id": "15",
"org": "ORG",
"date": "2012-04-12",
"threat_level_id": "4",
"info": "info",
"user_id": "1",
"uuid": "4f8c2c4e-00dc-42c9-83ad-76e9ff32448e",
"distribution": "0",
"analysis": "0",
"timestamp": "1",
"Attribute": [
{
"id": "116",
"event_id": "14",
"type": "ip-dst",
"category": "Network activity",
"to_ids": "1",
"uuid": "4f8c2cc3-0410-4bf0-8559-5b9dff32448e",
"distribution": "0",
"value": "1.1.1.111",
"timestamp": "0"
},
{
"id": "117",
"event_id": "14",
"type": "malware-sample",
"category": "Payload delivery",
"to_ids": "0",
"uuid": "4f8c2d08-7e6c-4648-8730-50a7ff32448e",
"distribution": "0",
"value": "A.doc|3f6f1aaab6171925c81de9b34a8fcf8e",
"timestamp": "0"
},
{
"id": "115",
"event_id": "14",
"type": "vulnerability",
"category": "Payload delivery",
"to_ids": "1",
"uuid": "4f8c2c69-9bf8-4279-8d03-2138ff32448e",
"distribution": "0",
"value": "CVE-XXXX-XXXX",
"timestamp": "0"
}
],
"RelatedEvent": [
{
"id": "11",
"date": "2011-01-03",
"uuid": "4f8812ff-ded0-4592-9227-0615ff32448e"
},
{
"id": "9",
"date": "2011-02-02",
"uuid": "4f85981e-d044-4b16-bc16-0a35ff32448e"
},
{
"id": "6",
"date": "2011-03-01",
"uuid": "4f7a9faa-91d4-4c91-8ec6-0878ff32448e"
}
]
}
}
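Review bot: The three `Attribute` entries carry `"event_id": "14"` while the enclosing `Event` has `"id": "15"`, so the fixture is internally inconsistent. Whether the import path ignores or trusts a client-supplied `event_id` is not visible here; if it trusts it, a request built from this sample could attach attributes to an event other than the one posted, so a test using this fixture should assert which event the attributes end up on. Aligning the values (`"event_id": "15"`) or dropping the field from the sample would keep the fixture from masking that case.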


@ -1,2 +1,5 @@
curl -H "Accept: application/xml" -H "Authorization: 3xoBdRRCjr3dLS0WyqETzWZrMhmpK5iNCGpQxgsR" \ curl -H "Accept: application/xml" -H "Authorization: 3xoBdRRCjr3dLS0WyqETzWZrMhmpK5iNCGpQxgsR" \
-X GET http://localhost:8888/events/$1 -X GET http://localhost:8888/events/$1
#curl -H "Accept: application/json" -H "Authorization: 3xoBdRRCjr3dLS0WyqETzWZrMhmpK5iNCGpQxgsR" \
#-X GET http://localhost:8888/events/$1