Location: PHPKode > projects > Ptk-forensics > ptk/lib/lock_case.php
<?
/*
PTK  - DFLabs
Copyright (C) 2008 - DFLabs srl - All rights reserved
hide@address.com
*/
include("check_session.php");
include("../config/config.inc.php");
include ("sanitize.php");
include ("loggerClass.php");
include ("lib_std.php");
session_start();

$token_age = time() - $_SESSION['case_token_time'];
if (!isset($_SESSION['case_token']) or strcmp($_SESSION['user'],"admin")!=0 or strcmp($_SESSION['case_token'],$_GET['tk'])!=0 or $token_age > 300){
	new AuditLog('Unauthorized access to lock_case ');
        header("location: goto_home.php");
}else{
	$conn = mysql_connect($db_host, $db_user, $db_password)
	or die ("Error connecting to database");
	mysql_select_db($db_name);
	
	$id = sanitize($_GET['id'],INT);
	$case = case_info($id);
	$case_name = $case['name'];
	
	if($case['is_locked']=='0'){
		$query = mysql_query("UPDATE cases SET is_locked=1 WHERE id='$id'");
		$_SESSION['message'] = "Case $case_name locked";
		new Log($_SESSION['ip'], $_SESSION['user'], "Case $case_name locked");	
	}else{
		$query = mysql_query("UPDATE cases SET is_locked=0 WHERE id='$id'");
		$_SESSION['message'] = "Case $case_name unlocked";	
		new Log($_SESSION['ip'], $_SESSION['user'], "Case $case_name unlocked");	
	}
	mysql_close();
	
	header("location: home.php");
}
?>
Return current item: Ptk-forensics