--- snortcenter.orig/sensor.inc.php	Sat Aug 24 06:26:14 2002
+++ snortcenter/sensor.inc.php	Tue Oct  1 13:48:44 2002
@@ -19,6 +19,9 @@
 ** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 */
 
+
+global $senstmpfnam;
+
 function find_interface_pid($id,$db) {
     $result = $db->acidExecute("select cmd_line, interface from sensor where id ='$id'");
     $myrow = $result->acidFetchRow();
@@ -135,7 +138,7 @@
 }
 
 function create_config($sensor_export, $sensor_id, $db) {
-
+global $senstmpfnam;
 sync_group($sensor_id,$db);
 
 global $snortcenter_ver;
@@ -145,7 +148,9 @@
     $result = $db->acidExecute("select sensor_name from sensor where id='$sensor_id'");
     $myrow = $result->acidFetchRow();
     $sensor_name = $myrow[0];
-    echo "<FONT size=1>";
+    if($sensor_export != 'download') {
+        echo "<FONT size=1>";
+    }
     $result_id = $db->acidExecute("SELECT sid from rulechange where sensor_id='$sensor_id'");
     while ($myrow = $result_id->acidFetchRow())
     {
@@ -155,10 +160,12 @@
 
 if (($sensor_export == 'download') || ($sensor_export == 'push')){
     if (strpos($_SERVER["SERVER_SOFTWARE"], "Win") !== false) {
-        $fp = fopen ("c:/temp/$sensor_name", "w");
+	$senstmpfnam = tempnam("c:/temp",$sensor_name);
+	$fp = fopen ($senstmpfnam, "w");
     }
     else {
-	$fp = fopen ("/tmp/$sensor_name", "w");
+	$senstmpfnam = tempnam("/tmp",$sensor_name);
+	$fp = fopen ($senstmpfnam, "w");
     }
 }
 
@@ -685,7 +692,7 @@
 		if ($sensor_export == 'view') { echo "<BR>"; }
 #	}
 
-echo "</FONT>";
+if($sensor_export != 'download') { echo "</FONT>";}
 }
 return $sensor_name;
 }
--- snortcenter.orig/sensor.php	Sat Aug 24 12:29:53 2002
+++ snortcenter/sensor.php	Tue Oct  1 12:38:26 2002
@@ -130,11 +130,13 @@
     $sensor_name = create_config("push", $id, $db);
     if (strpos($_SERVER["SERVER_SOFTWARE"], "Win") !== false) {
 	if ($curl_path !='') { $curl_path = rtrim($curl_path,'\\') . '\\'; }
-	$filename= "c:/temp/$sensor_name";
+	#$filename= "c:/temp/$sensor_name";
+	$filename=$senstmpfnam;
     }
     else {
 	if ($curl_path !='') { $curl_path = rtrim($curl_path,'/') . '/'; }

-	$filename= "/tmp/$sensor_name";
+	#$filename= "/tmp/$sensor_name";
+	$filename=$senstmpfnam;
     }
     $r_option = find_interface_pid($id,$db);
     exec($curl_path."curl -s -S --connect-timeout $curl_timeout -F \"interface=$myrow[interface]\" -F \"r_option=$r_option\" -F upload=@\"$filename\" $url 2>&1", $return_string);	
@@ -143,6 +145,7 @@
     }
     $cmd_err = push_cmd_line($id,$db);
     $sensor_msg = "$line<BR>$cmd_err";
+    unlink($filename);
 }
 
 
@@ -361,7 +364,7 @@
 require('bottom.inc.php');
 
 if ($sensor_ctl == 'download'){
-    echo '<SCRIPT language=javascript>setTimeout("location.href=\'dl.php?sensor_name='.$sensor_name.'\'",0);</SCRIPT>';
+    echo '<SCRIPT language=javascript>setTimeout("location.href=\'dl.php?sensor_name='.$sensor_name.'&id='.$id.'\'",0);</SCRIPT>';
 }
 
 ?>
--- snortcenter.orig/dl.php	Wed Aug  7 10:46:41 2002
+++ snortcenter/dl.php	Tue Oct  1 13:50:00 2002
@@ -1,15 +1,16 @@
 <?php
 if ($sensor_name)
 {
+    include("config.php");
+    include("sensor.inc.php");
+    $db = NewACIDDBConnection($DBlib_path,$DBtype);
+    $db->acidConnect($DB_dbname,$DB_host,$DB_port,$DB_user,$DB_password);
+    create_config("download",$id,$db);
     global $HTTP_USER_AGENT;
-    if (strpos($_SERVER["SERVER_SOFTWARE"], "Win") !== false) {
-	$download="c:/temp/$sensor_name";
-    }
-    else {
-	$download="/tmp/$sensor_name";
-    }
+    global $senstmpfnam;
+    #$download="/tmp/$sensor_name";
     $name= $sensor_name. '.snort.conf';
-    $size=filesize($download);
+    $size=filesize($senstmpfnam);
 
     header("Content-Type: application/octet-steam");
     header("Content-Type: application/force-download");
@@ -23,6 +24,7 @@
 {
     header("Content-Disposition: attachment; filename=".$name);
 }    
-    readfile($download);
+    readfile($senstmpfnam);
+    unlink($senstmpfnam);
 }
 ?>