<?
/*
PTK  - DFLabs
Copyright (C) 2008 - DFLabs srl - All rights reserved
hide@address.com
*/
include("check_session.php");
include("check_session_image.php");
include("../config/config.inc.php");
include ("sanitize.php");
include ("loggerClass.php");
include ("../config/conf.php");
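/*
 * Bookmark deletion endpoint.
 *
 * Input, all taken from the query string:
 *   arg1 - partition id
 *   arg2 - bookmark reference
 *   arg3 - bookmark id; when present the delete is done by id only
 *   arg4 - bookmark title; delete by case / partition / reference / title
 *   arg5 - when present (and arg4 is not), delete by case / partition / title,
 *          the title being read from arg6
 * The case id and the user name come from the session.
 *
 * NOTE(review): the gate below only establishes that a bk_token exists in the
 * session; nothing in this file compares it with a value carried by the
 * request, and the delete is triggered by a GET. Unless check_session.php
 * performs that comparison, this endpoint has no per-request anti-forgery
 * check - confirm, and prefer POST plus a token that is verified here.
 */
if (!isset($_SESSION['bk_token'])){
	new AuditLog('Unauthorized access to delete_bookmark');
	header("location: goto_home.php");
	// Stop explicitly so nothing can run or be emitted after the redirect.
	exit;
}else{
	$conn = mysql_connect($db_host, $db_user, $db_password)
		or die ("Error connecting to database");
	// Without a selected database every query below would fail silently.
	mysql_select_db($db_name, $conn)
		or die ("Error selecting database");

	// $_SESSION has already been read above, so a session is presumably open
	// (started by one of the includes); only start one if that is not the case.
	if (session_id() == '') {
		session_start();
	}

	// sanitize() is defined in sanitize.php and its return value is not visible
	// here, so the ids are additionally forced to integers before they reach SQL.
	$id_case = (int) sanitize($_SESSION['case_id'],INT);
	$raw_partition = isset($_GET['arg1']) ? $_GET['arg1'] : '';
	$id_partition = (int) sanitize(mysql_real_escape_string($raw_partition, $conn),INT);
	$raw_reference = isset($_GET['arg2']) ? $_GET['arg2'] : '';
	$reference = mysql_real_escape_string($raw_reference, $conn);

	$user = $_SESSION['user'];
	// Strict comparison: with "==" a non-string session value such as integer 0
	// compares equal to 'admin' on PHP versions before 8.
	if ($user === 'admin'){
		// The admin account is not restricted to its own bookmarks.
		$user_cond = "";
	}else{
		// The user name is data, not SQL: escape it like every other string value.
		$user_cond = " AND user='".mysql_real_escape_string($user, $conn)."'";
	}

	if(isset($_GET['arg3'])){
		// NOTE(review): this branch is not limited to the session's case; a
		// non-admin is limited by user name only. Confirm that is intended.
		$id = (int) sanitize($_GET['arg3'],INT);
		$sql = "DELETE FROM bookmarks WHERE id=".$id.$user_cond;
	}else{
		$sql = "DELETE FROM bookmarks WHERE id_case='".$id_case."' AND id_partition='".$id_partition."'".$user_cond;
		if(isset($_GET['arg4'])){
			$sql .= " AND reference='".$reference."' AND title='".mysql_real_escape_string($_GET['arg4'], $conn)."'";
		}
		elseif(isset($_GET['arg5'])){
			// NOTE(review): the branch is selected by arg5 but the title is read
			// from arg6, as in the original code. Confirm against the caller
			// whether arg5 is only a flag or whether this is a typo.
			$title = isset($_GET['arg6']) ? $_GET['arg6'] : '';
			$sql .= " AND title='".mysql_real_escape_string($title, $conn)."'";
		}
		else{
			$sql .= " AND reference='".$reference."'";
		}
	}
	$query = mysql_query($sql, $conn);
	mysql_close($conn);

	// NOTE(review): this entry is written whether or not the DELETE succeeded or
	// matched any row ($query is not checked). For an audit trail, consider
	// recording the outcome once the Log class's expected messages are known.
	new Log($_SESSION['ip'], $_SESSION['user'], 'Bookmark deleted');
}?>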