<?php
/*
PTK - DFLabs
Copyright (C) 2008 - DFLabs srl - All rights reserved
hide@address.com
*/
include("check_session.php");
include("lib_std.php");
include("sanitize.php");
include("loggerClass.php");
if (isset($_SESSION['img_token']) && strcmp($_SESSION['img_token'],$_GET['tk']) == 0){
$id = sanitize($_GET['id'],INT);
$image = image_info($id);
$case_name = $_SESSION['case'];
$md5 = sanitize($image['image_md5'],PARANOID);
$md5_date = $image['image_md5_check'];
$sha1 = sanitize($image['image_sha1'],PARANOID);
$sha1_date = $image['image_sha1_check'];
?>
<img src='../img/progress.gif' class="progress" id="progress">
<img src='../img/integrity.png' style='float:left'>
<b style="float:left"> Image integrity check</b><img id="close_box" style="float:right; cursor: pointer" src="../img/cancel.png" onclick="window.location = 'goto_home.php?id=1'">
<br><hr>
<b>Case: </b><?=$case_name;?>
<br>
<b>Image: </b><?=$image['name'];?>
<br>
<table class='form'>
<tr>
<td><b>MD5</b></td>
<td>
<div id="md5_date" style="display:inline"><?if($md5_date!='') echo "(".$md5_date.")";?></div>
<img src="../img/checked.png" style="margin-left: 50px; display:none" id="img_md5_yes">
<div id="label_md5_yes" style="display:none"><b> Verified</b></div>
<img src="../img/unchecked.png" style="margin-left: 50px; display:none" id="img_md5_no">
<div id="label_md5_no" style="display:none"><b> Mismatch</b></div>
</td>
</tr>
<tr><td>Original:</td><td><div id="original_md5"><?= sanitize(RemoveXSS($md5),PARANOID);?></div></td></tr>
<tr><td>Verified:</td><td><div id="verified_md5"></div></td></tr>
</table>
<?
$check_token = md5(uniqid(rand(), TRUE));
$_SESSION['check_token'] = $check_token;
?>
<?if ($md5==''){?>
<img src="../img/calc.png" style="cursor:pointer; float:right " title="Calculate MD5 value" onclick="ajax_request_hash('check_image_integrity.php?tk=<?=$check_token;?>&id=<?=$image['id'];?>&type=0', 'original_md5')">
<?}else{?>
<img src="../img/calc.png" style="cursor:pointer; float:right " title="Calculate MD5 value" onclick="ajax_request_hash('check_image_integrity.php?tk=<?=$check_token;?>&id=<?=$image['id'];?>&type=1', 'verified_md5', 'md5')">
<?}?>
<br>
<table class='form'>
<tr>
<td><b>SHA1</b></td>
<td>
<div id="sha1_date" style="display:inline"><?if($sha1_date!='') echo "(".$sha1_date.")";?></div>
<img src="../img/checked.png" style="margin-left: 50px; display:none" id="img_sha1_yes">
<div id="label_sha1_yes" style="display:none"><b> Verified</b></div>
<img src="../img/unchecked.png" style=" margin-left: 50px;display:none" id="img_sha1_no">
<div id="label_sha1_no" style="display:none"><b> Mismatch</b></div>
</td>
</tr>
<tr><td>Original:</td><td><div id="original_sha1"><?= sanitize(RemoveXSS($sha1),PARANOID);?></div></td></tr>
<tr><td>Verified:</td><td><div id="verified_sha1"></div></td></tr>
</table>
<?if ($sha1==''){?>
<img src="../img/calc.png" style="cursor:pointer; float:right " title="Calculate SHA1 value" onclick="ajax_request_hash('check_image_integrity.php?tk=<?=$check_token;?>&id=<?=$image['id'];?>&type=2', 'original_sha1')">
<?}else{?>
<img src="../img/calc.png" style="cursor:pointer; float:right " title="Calculate SHA1 value" onclick="ajax_request_hash('check_image_integrity.php?tk=<?=$check_token;?>&id=<?=$image['id'];?>&type=3', 'verified_sha1', 'sha1')">
<?}
}else{
new AuditLog('Unauthorized access to get_image_integrity');
header("location: goto_home.php");
}
?>