<?
/*
PTK - DFLabs
Copyright (C) 2008 - DFLabs srl - All rights reserved
hide@address.com
*/
include("check_session.php");
include("lib_std.php");
include("sanitize.php");
include("loggerClass.php");
if (isset($_SESSION['inv_get_token']) && strcmp($_SESSION['inv_get_token'],$_GET['tk'])== 0 && strcmp($_SESSION['user'],"admin")==0){
$inv_token = md5(uniqid(rand(), TRUE));
$_SESSION['inv_token'] = $inv_token;
$_SESSION['inv_token_time'] = time();
$case = $_GET['id'];
$case = sanitize($case,INT);
$case_name = case_name_from_id($case);
$user_available = array(); $user_available = user_case_available($case);
$user_associated = array(); $user_associated = user_case_associated($case);
$result = "
<img src='../img/investigator_big.png' style='vertical-align:text-bottom'><b> $case_name: investigators management</b>
<div id='right_content'>
<div id='left'>
<div id='title_left'> Available investigators (drag)</div>
<div id='operator_list_source'>";
for ($i=0;$i<sizeof($user_available);$i++){
$result = $result."<div name ='".$user_available[$i]['id']."' id='itemLeft$i' class='item'> ".$user_available[$i]['username']."</div>";
}
$result = $result."
</div>
</div>
<div id='right'>
<div id='title_right'> Selected investigators (drag)</div>
<div id='operator_list_target'>";
for ($i=0;$i<sizeof($user_associated);$i++){
$result = $result."<div name ='".$user_associated[$i]['id']."' id='itemRight$i' class='item'> ".$user_associated[$i]['username']."</div>";
}
$result = $result."
</div>
</div>
</div>
<button onclick=\"save_case_investigators($case,'$case_name','$inv_token')\">Save</button>
";
echo $result;
?>
<?}else{
new AuditLog('Unauthorized access to get_investigators ');
header("location: goto_home.php");
}?>