Location: PHPKode > projects > Ptk-forensics > ptk/lib/delete_case.php
<?php
/*
PTK  - DFLabs
Copyright (C) 2008 - DFLabs srl - All rights reserved
hide@address.com
*/
include("check_session.php");
include("../config/config.inc.php");
include("sanitize.php");
include ("loggerClass.php");
session_start();
$token_age = time() - $_SESSION['case_token_time'];
if (!isset($_SESSION['case_token']) or strcmp($_SESSION['user'],"admin")!=0 or strcmp($_SESSION['case_token'],$_GET['tk'])!=0 or $token_age > 300){
 	new AuditLog('Unauthorized access to delete_case '.sanitize(RemoveXSS($_GET['id']),PARANOID));
        header("location: goto_home.php");
}else{
	$conn = mysql_connect($db_host, $db_user, $db_password)
	or die ("Error connecting to database");
	mysql_select_db($db_name);

	$id = $_GET['id'];
	$id = sanitize($id,INT);
	$query=mysql_query("DELETE FROM users_cases WHERE id_case=$id");
	$query=mysql_query("DELETE FROM bookmarks WHERE id_case=$id");
	$query=mysql_query("DELETE FROM cases WHERE id=$id");
	mysql_close();

	$_SESSION['message'] = "Case deleted";
	unset($_SESSION['case']);
	new Log($_SESSION['ip'],$_SESSION['user'], 'Case '.$id.' deleted');
}
?>
100% Free PHP Newsletter Script! Download now!
Return current item: Ptk-forensics