diff options
| -rw-r--r-- | weblog-controller.lua | 10 | ||||
| -rw-r--r-- | weblog-model.lua | 180 | ||||
| -rw-r--r-- | weblog-viewweblog-html.lsp | 122 |
3 files changed, 113 insertions, 199 deletions
diff --git a/weblog-controller.lua b/weblog-controller.lua index 93c1cae..76f4db9 100644 --- a/weblog-controller.lua +++ b/weblog-controller.lua @@ -38,7 +38,13 @@ function viewactivitylog(self) end function viewweblog(self) - return self.model.getweblog(self.clientdata.activelog, self.clientdata.clientuserid, self.clientdata.starttime, self.clientdata.endtime, self.clientdata.clientip, self.clientdata.badyesno, self.clientdata.deniedyesno, self.clientdata.bypassyesno, self.clientdata.score, self.clientdata.urisearch, self.clientdata.sortby, self.clientdata.selected, clientdata.focus) + local retval = controllerfunctions.handle_form(self, self.model.getweblogparameters, self.model.getweblog, self.clientdata, "Update", "Display Weblog") + -- We want to get the weblog even if form wasn't submitted + if not self.clientdata.Update then + controllerfunctions.handle_clientdata(retval, self.clientdata) + retval = self.model.getweblog(retval) + end + return retval end function downloadweblog(self) @@ -48,7 +54,7 @@ function downloadweblog(self) local content = {"sourcename\tclientuserid\tclientip\tlogdatetime\turi\tbytes\treason\tscore\tshortreason\tbadyesno\tdeniedyesno\tbypassyesno"} for i,log in ipairs(retval.value.log.value) do content[#content+1] = string.format("%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s", - log.sourcename, log.clientuserid, log.clientip, log.logdatetime, log.uri, log.bytes, log.reason, log.score, log.shortreason, log.badyesno, log.deniedyesno, log.bypassyesno) + log.sourcename, log.clientuserid, log.clientip, log.logdatetime, log.uri, log.bytes, log.reason, log.score, log.shortreason or "", log.badyesno, log.deniedyesno, log.bypassyesno) end file.value = table.concat(content, "\n") return file diff --git a/weblog-model.lua b/weblog-model.lua index a462ee8..d2f5b61 100644 --- a/weblog-model.lua +++ b/weblog-model.lua @@ -306,14 +306,14 @@ local generatewhereclause = function(clientuserid, starttime, endtime, clientip, if clientip and clientip ~= "" then where[#where+1] = "clientip = '"..escape(clientip).."'" end - if badyesno and badyesno ~= "" then - where[#where+1] = "badyesno = '"..escape(badyesno).."'" + if badyesno then + where[#where+1] = "badyesno = '1'" end - if deniedyesno and deniedyesno ~= "" then - where[#where+1] = "deniedyesno = '"..escape(deniedyesno).."'" + if deniedyesno then + where[#where+1] = "deniedyesno = '1'" end - if bypassyesno and bypassyesno ~= "" then - where[#where+1] = "bypassyesno = '"..escape(bypassyesno).."'" + if bypassyesno then + where[#where+1] = "bypassyesno = '1'" end if score and score ~= "" then where[#where+1] = "score >= '"..escape(score).."'" @@ -321,7 +321,7 @@ local generatewhereclause = function(clientuserid, starttime, endtime, clientip, if urisearch and urisearch ~= "" then where[#where+1] = "lower(uri) LIKE '%"..escape(urisearch).."%'" end - if selected and selected == "true" then + if selected then where[#where+1] = "selected = 'true'" end @@ -355,10 +355,6 @@ local listlogentries = function(activelog, clientuserid, starttime, endtime, cli return entries end -local listpubweblogentries = function(...) - return listlogentries(...) -end - local groupflaggedlogentries = function(starttime, endtime, groupby) groupby = groupby or "clientuserid" local entries = {} @@ -993,61 +989,6 @@ function getactivitylog() return retval end -local validateparameters = function(params) - local success = true - if params.clientip.value ~= "" and string.find(params.clientip.value, "[^%d%.]") then - params.clientip.errtxt = "Invalid IP Address" - success = false - end - if params.window.value ~= "" and not validator.is_integer(params.window.value) then - params.window.errtxt = "Must be an integer" - success = false - end - local res, err = pcall(function() - databaseconnect(DatabaseUser) - local s - if params.starttime.value ~= "" then - s,params.starttime.errtxt,params.starttime.value = convertdatabaseentry("TIMESTAMP", params.starttime.value) - success = success and s - end - if params.endtime.value ~= "" then - s,params.endtime.errtxt,params.endtime.value = convertdatabaseentry("TIMESTAMP", params.endtime.value) - success = success and s - end - if params.focus.value ~= "" then - s,params.focus.errtxt,params.focus.value = convertdatabaseentry("TIMESTAMP", params.focus.value) - success = success and s - end - databasedisconnect() - end) - if not res and err then - params.starttime.errtxt = err - params.endtime.errtxt = err - params.focus.errtxt = err - success = false - end - return success -end - -local handleparameters = function(activelog, clientuserid, starttime, endtime, clientip, badyesno, deniedyesno, bypassyesno, score, urisearch, sortby, selected, focus) - local result = {} - result.activelog = cfe({ value=activelog or "pubweblog", label="Active Weblog" }) - result.clientuserid = cfe({ value=clientuserid or "", label="User ID" }) - result.starttime = cfe({ value=starttime or "", label="Start Time" }) - result.endtime = cfe({ value=endtime or "", label="End Time" }) - result.clientip = cfe({ value=clientip or "", label="Client IP" }) - result.badyesno = cfe({ value=badyesno, label="Show Dodgy Records", descr="Limit search to Dodgy records"}) - result.deniedyesno = cfe({ value=deniedyesno, label="Show Denied Records", descr="Limit search to Denied uri"}) - result.bypassyesno = cfe({ value=bypassyesno, label="Show Bypass Actions", descr="Limit search to Bypass attempts"}) - result.score = cfe({ value=score, label="Minimum Score", descr="Minimum score to search on"}) - result.urisearch = cfe({ value=urisearch or "", label="URI Contains", descr="Retrieve records where the URI contains this word"}) - result.sortby = cfe({ value=sortby, label="Sort By field", descr="Sort by this field when displaying records"}) - result.selected = cfe({ value=selected, label="Show Selected Records", descr="Show only records that have been selected"}) - result.window = cfe({ value=config.window or "5", label="Time Window" }) - result.focus = cfe({ value=focus or "", label="Focus Time" }) - return result -end - function geteditselected() local result = {} result.select = cfe({ type="list", value={}, label="Entries to mark as selected" }) @@ -1089,41 +1030,76 @@ function clearselected() return retval end -function getweblog(activelog, clientuserid, starttime, endtime, clientip, badyesno, deniedyesno, bypassyesno, score, urisearch, sortby, selected, focus ) - if (not activelog or activelog=="") then - activelog = "pubweblog" - end - - if (not starttime or starttime=="") and (not endtime or endtime=="") and config.auditstart~="" and config.auditend~="" then - starttime = config.auditstart - endtime = config.auditend - end - - if config.badyesno=="true" then - badyesno = '1' - end - - if (not score or score=="") and config.minimumscore~="" then - score = config.minimumscore +local validateweblogparameters = function(params) + local success = modelfunctions.validateselect(params.value.activelog) + success = modelfunctions.validateselect(params.value.sortby) and success + if params.value.clientip.value ~= "" and string.find(params.value.clientip.value, "[^%d%.]") then + params.value.clientip.errtxt = "Invalid IP Address" + success = false end - - if (not sortby or sortby=="") and config.sortby~="" then - sortby = config.sortby + local res, err = pcall(function() + databaseconnect(DatabaseUser) + local s + if params.value.starttime.value ~= "" then + s,params.value.starttime.errtxt,params.value.starttime.value = convertdatabaseentry("TIMESTAMP", params.value.starttime.value) + success = success and s + end + if params.value.endtime.value ~= "" then + s,params.value.endtime.errtxt,params.value.endtime.value = convertdatabaseentry("TIMESTAMP", params.value.endtime.value) + success = success and s + end + if params.value.focus.value ~= "" then + s,params.value.focus.errtxt,params.value.focus.value = convertdatabaseentry("TIMESTAMP", params.value.focus.value) + success = success and s + end + databasedisconnect() + end) + if not res and err then + params.value.starttime.errtxt = err + params.value.endtime.errtxt = err + params.value.focus.errtxt = err + success = false end + return success +end - local result = handleparameters(activelog, clientuserid, starttime, endtime, clientip, badyesno, deniedyesno, bypassyesno, score, urisearch, sortby, selected, focus) - result.log = cfe({ type="list", value={}, label="Weblog Access Log" }) - local success = validateparameters(result) +function getweblogparameters() + local c = getconfig() + local result = {} + result.activelog = cfe({ type="select", value="pubweblog", option={"pubweblog", "pubweblog_history"}, label="Active Weblog", seq=1 }) + result.starttime = cfe({ value=c.value.auditstart.value, label="Start Time", seq=2 }) + result.endtime = cfe({ value=c.value.auditend.value, label="End Time", seq=3 }) + result.clientuserid = cfe({ value="", label="User ID", seq=4 }) + result.clientip = cfe({ value="", label="Client IP", seq=5 }) + result.urisearch = cfe({ value="", label="URI Contains", descr="Retrieve records where the URI contains this word", seq=6 }) + result.score = cfe({ value=c.value.minimumscore.value, label="Minimum Score", descr="Minimum score to search on", seq=7 }) + result.sortby = cfe({ type="select", value=c.value.sortby.value, option=c.value.sortby.option, label="Sort By field", descr="Sort by this field when displaying records", seq=8 }) + result.badyesno = cfe({ type="boolean", value=c.value.badyesno.value, label="Show Suspect Records", descr="Limit search to records marked as suspect", seq=9 }) + result.deniedyesno = cfe({ type="boolean", value=c.value.deniedyesno.value, label="Show Denied Records", descr="Limit search to Denied URIs", seq=10 }) + result.bypassyesno = cfe({ type="boolean", value=c.value.bypassyesno.value, label="Show Bypass Records", descr="Limit search to Bypass attempts", seq=11 }) + result.selected = cfe({ type="boolean", value=false, label="Show Selected Records", descr="Limit search to records that have been selected", seq=12 }) + result.focus = cfe({ value="", label="Focus Time", seq=13 }) + return cfe({ type="group", value=result, label="Weblog Access Log" }) +end + +function getweblog(result) + local success = validateweblogparameters(result) + result.value.log = cfe({ type="list", value={}, label="Weblog Access Log" }) + result.value.window = cfe({ value=config.window or "5", label="Time Window" }) + local err if success then local res, err = pcall(function() databaseconnect(DatabaseUser) - result.log.value = listpubweblogentries(activelog, clientuserid, starttime, endtime, clientip, badyesno, deniedyesno, bypassyesno, score, urisearch, sortby, selected ) or {} + result.value.log.value = listlogentries(result.value.activelog.value, result.value.clientuserid.value, result.value.starttime.value, result.value.endtime.value, result.value.clientip.value, result.value.badyesno.value, result.value.deniedyesno.value, result.value.bypassyesno.value, result.value.score.value, result.value.urisearch.value, result.value.sortby.value, result.value.selected.value ) or {} databasedisconnect() end) + if not res then + result.errtxt = err + end else - err = "Invalid search parameters" + result.errtxt = "Invalid search parameters" end - return cfe({ type="group", value=result, errtxt=err, label="Weblog Access Log" }) + return result end function getusagestats() @@ -1174,15 +1150,17 @@ function getconfig() local result = {} result.auditstart = cfe({ value=config.auditstart or "", label="Audit Start Time", seq=1 }) result.auditend = cfe({ value=config.auditend or "", label="Audit End Time", seq=2 }) - result.badyesno = cfe({ type="boolean", value=(config.badyesno == "1"), label="Display Suspect Records", descr="Show only records flagged as suspect on initial display", seq=3 }) - result.sortby = cfe({ type="select", value=config.sortby or "logdatetime", label="Sort By field", option={"logdatetime", "logdatetime DESC", "clientuserid", "clientuserid DESC", "clientip", "clientip DESC", "bytes", "bytes DESC", "score", "score DESC", "reason"}, seq=4 }) - result.minimumscore = cfe({ value=config.minimumscore or "0", label="Minimum Score", descr="Minimum Score to search for", seq=5 }) - result.window = cfe({ value=config.window or "5", label="Time Window", descr="Minutes of activity to display before and after selected block", seq=6 }) - result.purgedays = cfe({ value=config.purgedays or "30", label="Days before Purge", descr="Days to keep history, regardless of audit", seq=10 }) - result.groupby = cfe({ type="select", value=config.groupby or "clientuserid", label="Group results by", option={"clientuserid", "clientip"}, seq=7 }) - result.shorturi = cfe({ type="boolean", value=(config.shorturi == "true"), label="Truncate URLs", descr="You can limit the length of displayed URLs by enabling this option", seq=7 }) - result.shortreason = cfe({ type="boolean", value=(config.shortreason == "true"), label="Short Reason", descr="Display a short reason (dansguardian only)", seq=8 }) - result.stoponerror = cfe({ type="boolean", value=(config.stoponerror == "true"), label="Stop on Error", descr="Stop import of logs if an error is encountered", seq=11}) + result.groupby = cfe({ type="select", value=config.groupby or "clientuserid", label="Group results by", option={"clientuserid", "clientip"}, descr="Display audit results based on user ID or IP", seq=3 }) + result.minimumscore = cfe({ value=config.minimumscore or "0", label="Minimum Score", descr="Default minimum Score to search for", seq=4 }) + result.sortby = cfe({ type="select", value=config.sortby or "logdatetime", label="Sort By field", option={"logdatetime", "logdatetime DESC", "clientuserid", "clientuserid DESC", "clientip", "clientip DESC", "bytes", "bytes DESC", "score", "score DESC", "reason"}, descr="Default sort order", seq=5 }) + result.badyesno = cfe({ type="boolean", value=(config.badyesno == "true"), label="Display Suspect Records", descr="By default, only show records flagged as suspect", seq=6 }) + result.deniedyesno = cfe({ type="boolean", value=(config.deniedyesno == "true"), label="Display Denied Records", descr="By default, only show records with denied URI", seq=7 }) + result.bypassyesno = cfe({ type="boolean", value=(config.bypassyesno == "true"), label="Display Bypass Records", descr="By default, only show records with bypass attempts", seq=8 }) + result.shorturi = cfe({ type="boolean", value=(config.shorturi == "true"), label="Truncate URLs", descr="You can limit the length of displayed URLs by enabling this option", seq=9 }) + result.shortreason = cfe({ type="boolean", value=(config.shortreason == "true"), label="Short Reason", descr="Display a short reason (dansguardian only)", seq=10 }) + result.window = cfe({ value=config.window or "5", label="Time Window", descr="Minutes of activity to display before and after selected block", seq=11 }) + result.purgedays = cfe({ value=config.purgedays or "30", label="Days before Purge", descr="Days to keep full history, regardless of audit", seq=12 }) + result.stoponerror = cfe({ type="boolean", value=(config.stoponerror == "true"), label="Stop on Error", descr="Stop import of logs if an error is encountered", seq=13}) return cfe({ type="group", value=result, label="Weblog Config" }) end @@ -1233,6 +1211,8 @@ function updateconfig(newconfig) configcontent = format.update_ini_file(configcontent, "", "shortreason", tostring(newconfig.value.shortreason.value)) configcontent = format.update_ini_file(configcontent, "", "stoponerror", tostring(newconfig.value.stoponerror.value)) configcontent = format.update_ini_file(configcontent, "", "badyesno", tostring(newconfig.value.badyesno.value)) + configcontent = format.update_ini_file(configcontent, "", "deniedyesno", tostring(newconfig.value.deniedyesno.value)) + configcontent = format.update_ini_file(configcontent, "", "bypassyesno", tostring(newconfig.value.bypassyesno.value)) configcontent = format.update_ini_file(configcontent, "", "minimumscore", tostring(newconfig.value.minimumscore.value)) configcontent = format.update_ini_file(configcontent, "", "sortby", tostring(newconfig.value.sortby.value)) diff --git a/weblog-viewweblog-html.lsp b/weblog-viewweblog-html.lsp index 4df704e..07f6356 100644 --- a/weblog-viewweblog-html.lsp +++ b/weblog-viewweblog-html.lsp @@ -94,85 +94,18 @@ end <H1>Search Parameters</H1> <DL> -<% if data.errtxt then %><p class="error"><%= html.html_escape(data.errtxt) %></p><% end %> -<form action="<%= html.html_escape(page_info.script .. page_info.prefix .. page_info.controller .. "/" .. page_info.action) %>" method="POST"> -<DT>Active Weblog</DT> -<DD><select name="activelog"> -<option value="pubweblog">Current</option> -<option value="pubweblog_history"<% if data.value.activelog.value == "pubweblog_history" then %> selected="selected" <% end %> >History</option> -</select> -</DD> -<DT>Start Time</DT> -<DD><input class="text" type="text" name="starttime" value="<%= html.html_escape(data.value.starttime.value) %>" > -<p><%= html.html_escape(data.value.starttime.value) %></p> -<% if data.value.starttime.errtxt then %><p class="error"><%= html.html_escape(data.value.starttime.errtxt) %></p><% end %> -</DD> -<DT>User ID</DT> -<DD><input class="text" type="text" name="clientuserid" value="<%= html.html_escape(data.value.clientuserid.value) %>" > -<p><%= html.html_escape(data.value.clientuserid.value) %></p> -<% if data.value.clientuserid.errtxt then %><p class="error"><%= html.html_escape(data.value.clientuserid.errtxt) %></p><% end %> -</DD> -<DT>Client IP</DT> -<DD><input class="text" type="text" name="clientip" value="<%= html.html_escape(data.value.clientip.value) %>" > -<p><%= html.html_escape(data.value.clientip.value) %></p> -<% if data.value.clientip.errtxt then %><p class="error"><%= html.html_escape(data.value.clientip.errtxt) %></p><% end %> -</DD> -<DT>End Time</DT> -<DD><input class="text" type="text" name="endtime" value="<%= html.html_escape(data.value.endtime.value) %>" > -<p><%= html.html_escape(data.value.endtime.value) %></p> -<% if data.value.endtime.errtxt then %><p class="error"><%= html.html_escape(data.value.endtime.errtxt) %></p><% end %> -</DD> -<DT>URI Contains</DT> -<DD><input class="text" type="text" name="urisearch" value="<%= html.html_escape(data.value.urisearch.value) %>" > -<P CLASS="descr">Retrieve records where the URI contains this word</P> -<p><%= html.html_escape(data.value.urisearch.value) %></p> -<% if data.value.urisearch.errtxt then %><p class="error"><%= html.html_escape(data.value.urisearch.errtxt) %></p><% end %> -</DD> -<DT>Minimum Score</DT> -<DD><input class="text" type="text" name="score" value="<%= html.html_escape(data.value.score.value) %>" > -<P CLASS="descr">Minimum score to search on</P> -<% if data.value.score.errtxt then %><p class="error"><%= html.html_escape(data.value.score.errtxt) %></p><% end %> -</DD> -<DT>Sort By</DT> -<DD><select name="sortby"> -<option value="logdatetime"<% if data.value.log.value == "sortby" then %> selected="selected" <% end %> >Timestamp</option> -<option value="logdatetime DESC"<% if data.value.sortby.value == "logdatetime DESC" then %> selected="selected" <% end %> >Timestamp DESC</option> -<option value="clientuserid"<% if data.value.sortby.value == "clientuserid" then %> selected="selected" <% end %> >User ID</option> -<option value="clientuserid DESC"<% if data.value.sortby.value == "clientuserid DESC" then %> selected="selected" <% end %> >User ID DESC</option> -<option value="bytes"<% if data.value.sortby.value == "bytes" then %> selected="selected" <% end %> >Size</option> -<option value="bytes DESC"<% if data.value.sortby.value == "bytes DESC" then %> selected="selected" <% end %> >Size DESC</option> -<option value="score"<% if data.value.sortby.value == "score" then %> selected="selected" <% end %> >Score</option> -<option value="score DESC"<% if data.value.sortby.value == "score DESC" then %> selected="selected" <% end %> >Score DESC</option> -<option value="reason"<% if data.value.sortby.value == "reason" then %> selected="selected" <% end %> >Reason</option> -<option value="reason DESC"<% if data.value.sortby.value == "reason DESC" then %> selected="selected" <% end %> >Reason DESC</option> -</select> -</DD> -<DT>Show Suspect Records</DT> -<DD> -<input class="checkbox" type="checkbox" name="badyesno" value="1" <% if data.value.badyesno.value == "1" then %> checked <% end %>> -<P CLASS="descr">Show only URIs containing flagged words</P> -<% if data.value.badyesno.errtxt then %><p class="error"><%= html.html_escape(data.value.badyesno.errtxt) %></p><% end %> -</DD> -<DT>Show Denied URIs</DT> -<DD> -<input class="checkbox" type="checkbox" name="deniedyesno" value="1" <% if data.value.deniedyesno.value == "1" then %>checked<% end %>> -<% if data.value.deniedyesno.errtxt then %><p class="error"><%= html.html_escape(data.value.deniedyesno.errtxt) %></p><% end %> -<P CLASS="descr">Show only Denied URIs</P> -</DD> -<DT>Show Bypass Attempts</DT> -<DD> -<input class="checkbox" type="checkbox" name="bypassyesno" value="1" <% if data.value.bypassyesno.value == "1" then %>checked <% end %>> -<% if data.value.bypassyesno.errtxt then %><p class="error"><%= html.html_escape(data.value.bypassyesno.errtxt) %></p><% end %> -<P CLASS="descr">Show only Bypass attempts</P> -</DD> -<DT>Show Selected Records</DT> -<DD> -<input class="checkbox" type="checkbox" name="selected" value="true" <% if data.value.selected.value == "true" then %>checked <% end %>> -<% if data.value.selected.errtxt then %><p class="error"><%= html.html_escape(data.value.selected.errtxt) %></p><% end %> -<P CLASS="descr">Show only records that have been selected</P> -</DD> -<DT></DT><DD><input class="submit" type="submit" name="Update" value="Update"></DD> -</FORM> +<% -- Display the form, but skip log, window, and focus fields +local log = data.value.log +data.value.log = nil +local window = data.value.window +data.value.window = nil +local focus = data.value.focus +data.value.focus = nil +displayform(data, nil, nil, page_info, 2) +data.value.log = log +data.value.window = window +data.value.focus = focus +%> </DL> <% @@ -232,7 +165,7 @@ end %> <TD <% if data.value.clientip.value == watch.clientip then %> style="font-weight:bold;" <% end %> ><%= html.html_escape(watch.clientip) %></TD> <TD <% if data.value.clientuserid.value == watch.clientuserid then %> style="font-weight:bold;" <% end %> ><%= html.html_escape(watch.clientuserid) %></TD> <TD><%= html.html_escape(watch.bytes) %></TD> - <TD WIDTH="2%"><% if watch.badyesno == "1" then %><IMG SRC='<%= html.html_escape(page_info.wwwprefix..page_info.staticdir) %>/dodgy.png' width='13' height='13'><% end %></TD> + <TD WIDTH="2%"><% if watch.badyesno ~= "0" then %><IMG SRC='<%= html.html_escape(page_info.wwwprefix..page_info.staticdir) %>/dodgy.png' width='13' height='13'><% end %></TD> <TD WIDTH="2%"><% if watch.deniedyesno ~= "0" then %> <IMG SRC='<%= html.html_escape(page_info.wwwprefix..page_info.staticdir) %>/denied.png' width='13' height='13'><% end %></TD> <TD WIDTH="2%"><% if watch.bypassyesno ~= "0" then %> <IMG SRC='<%= html.html_escape(page_info.wwwprefix..page_info.staticdir) %>/bypass.png' width='13' height='13'><% end %></TD> <TD><%= html.html_escape(watch.score) %></TD> @@ -269,21 +202,16 @@ end %> <p>No results, try adjusting search parameters</p> <% end %> -<% if viewlibrary.check_permission("downloadweblog") then %> -<form action="<%= html.html_escape(page_info.script .. page_info.prefix .. page_info.controller .. "/downloadweblog") %>" method="POST"> -<input type="hidden" name="activelog" value="<%= html.html_escape(data.value.activelog.value) %>" > -<input type="hidden" name="starttime" value="<%= html.html_escape(data.value.starttime.value) %>" > -<input type="hidden" name="clientuserid" value="<%= html.html_escape(data.value.clientuserid.value) %>" > -<input type="hidden" name="clientip" value="<%= html.html_escape(data.value.clientip.value) %>" > -<input type="hidden" name="endtime" value="<%= html.html_escape(data.value.endtime.value) %>" > -<input type="hidden" name="badyesno" value="<%= html.html_escape(data.value.badyesno.value) %>" > -<input type="hidden" name="deniedyesno" value="<%= html.html_escape(data.value.deniedyesno.value) %>" > -<input type="hidden" name="bypassyesno" value="<%= html.html_escape(data.value.bypassyesno.value) %>" > -<input type="hidden" name="score" value="<%= html.html_escape(data.value.score.value) %>" > -<input type="hidden" name="sortby" value="<%= html.html_escape(data.value.sortby.value) %>" > -<input type="hidden" name="urisearch" value="<%= html.html_escape(data.value.urisearch.value) %>" > -<input type="hidden" name="selected" value="<%= html.html_escape(data.value.selected.value) %>" > -<DT>Download log</DT><DD><input class="submit" type="submit" name="Download" value="Download"></DD> -</form> -<% end %> +<% if viewlibrary.check_permission("downloadweblog") then +data.action = "downloadweblog" +data.option = "Download" +data.value.log = nil +data.value.window = nil +data.value.focus = nil +for n,v in pairs(data.value) do + v.type = "hidden" + v.checked = nil +end +displayform(data, nil, nil, page_info, 2) +end %> </DL> |