<?php
/*
PTK  - DFLabs
Copyright (C) 2008 - DFLabs srl - All rights reserved
hide@address.com
*/
include("check_session.php");
include("../config/config.inc.php");
include ("loggerClass.php");
include ("lib_std.php");
include ("sanitize.php");
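session_start();

/*
 * Delete a disk image and its dependent rows (partitions, partition files,
 * timeline entries, bookmarks).
 *
 * The request is honoured only when all of the following hold:
 *   - the session user is "admin";
 *   - the session holds an image token that matches the "tk" query parameter;
 *   - the token is at most 300 seconds old.
 * Anything else is written to the audit log and redirected to the home page.
 *
 * Request and session values are read defensively. The previous check used
 * strcmp(...) != 0: on older PHP versions strcmp() returns NULL when given a
 * non-string argument (for example an array-valued query parameter), and
 * NULL != 0 is false, so a malformed "tk" was treated as a matching token.
 * The values are now required to be strings and compared strictly.
 */
$session_token = (isset($_SESSION['img_token']) && is_string($_SESSION['img_token'])) ? $_SESSION['img_token'] : '';
$session_user  = (isset($_SESSION['user']) && is_string($_SESSION['user'])) ? $_SESSION['user'] : '';
$request_token = (isset($_GET['tk']) && is_string($_GET['tk'])) ? $_GET['tk'] : '';
$raw_id        = (isset($_GET['id']) && is_scalar($_GET['id'])) ? $_GET['id'] : '';

// A missing timestamp counts as "issued at epoch 0", which is always too old.
$token_time = isset($_SESSION['img_token_time']) ? (int)$_SESSION['img_token_time'] : 0;
$token_age  = time() - $token_time;

// Prefer the constant-time comparison where the runtime provides it (PHP >= 5.6).
if (function_exists('hash_equals')) {
	$token_ok = ($session_token !== '') && hash_equals($session_token, $request_token);
} else {
	$token_ok = ($session_token !== '') && ($session_token === $request_token);
}

if (!$token_ok or $session_user !== "admin" or $token_age < 0 or $token_age > 300) {
	new AuditLog('Unauthorized access to delete_image '.sanitize($raw_id,PARANOID));
	header("location: goto_home.php");
	// Stop here so nothing below can run for a rejected request.
	exit;
}

// NOTE(review): the token is not invalidated after use, so it stays valid for
// further deletes until it expires. Whether it can be made single-use depends
// on how the issuing page reuses it; confirm against the caller.

// NOTE(review): the mysql_* extension is kept because the helpers included
// above (image_info, partition_info) appear to rely on its implicit
// connection; confirm before migrating to mysqli/PDO with prepared statements.
$conn = mysql_connect($db_host, $db_user, $db_password)
or die ("Error connecting to database");
mysql_select_db($db_name);

// Force an integer before the value is interpolated into SQL, independently
// of what sanitize() returns for the INT mode.
$id = (int)sanitize($raw_id,INT);
$arr = image_info($id);
$case_id = sanitize($arr['id_case'],PARANOID);
$arr1 = partition_info($id);

// NOTE(review): query results are not checked and the deletes are not wrapped
// in a transaction, so a partial failure still ends with "Image deleted".
if (is_array($arr1)) {
	foreach ($arr1 as $partition) {
		// Partition ids come from the database; cast anyway so the
		// interpolated value can only ever be an integer.
		$id_partition = (int)$partition['id'];
		mysql_query("DELETE FROM partitions WHERE id=$id_partition");
		// Timeline rows are removed before partition_files because the
		// sub-select needs the partition_files rows to still exist.
		mysql_query("DELETE FROM timeline_files WHERE id_file IN (
			SELECT id FROM partition_files WHERE id_partition=$id_partition)");
		mysql_query("DELETE FROM partition_files WHERE id_partition=$id_partition");
		mysql_query("DELETE FROM bookmarks WHERE id_partition=$id_partition");
	}
}

mysql_query("DELETE FROM images WHERE id=$id");

mysql_close();

$_SESSION['message'] = "Image deleted";
$_SESSION['temp_case_id'] = $case_id;
new Log($_SESSION['ip'],$_SESSION['user'], 'Image '.$id.' deleted');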
?>