Location: PHPKode > projects > Ptk-forensics > ptk/lib/modal_update_investigator.php
<?
/*
PTK  - DFLabs
Copyright (C) 2008 - DFLabs srl - All rights reserved
hide@address.com
*/
include("check_session.php");
include("lib_std.php");
include("sanitize.php");
include("loggerClass.php");
$id = sanitize($_GET['id'],INT);
$user = user_info($id);
$token_age = time() - $_SESSION['inv_token_time'];
if (strcmp($_SESSION['user'],"admin")!=0 or strcmp($_SESSION['inv_token'],$_GET['tk'])!=0 or $token_age > 300){
	new AuditLog('Unauthorized access to modal_update_investigator ');
	header("location: goto_home.php");
}else{
$inv_token = md5(uniqid(rand(), TRUE));
$_SESSION['up_inv_token'] = $inv_token;
$_SESSION['up_inv_token_time'] = time();
?>
<b style="float:left">Edit investigator's details</b>
<img style="float:right; cursor: pointer" src="../img/cancel.png" onclick="closeMessage()">
<br><hr>
<form method="post" action="update_investigator.php" name="myform" onsubmit="return(checkInvestigator('update'))">
	<table class="form">
		<input type="hidden" id="username" name="username" value="<?echo stripslashes($user['username'])?>">
		<input type=hidden name=ptktoken VALUE="<?=$inv_token?>"/>
		<tr><td>Username:</td><td><?echo stripslashes($user['username']);?></td></tr>
		<tr><td>*Name: </td><td> <input name="name" id="name" style="width:220px" value="<?echo stripslashes(htmlentities(RemoveXSS($user['name'])));?>"></td></tr>
		<tr><td>*Surname: </td><td> <input name="surname" id="surname" style="width:220px" value="<?echo stripslashes(htmlentities(RemoveXSS($user['surname'])));?>"></td></tr>
		<tr><td>*Primary mail: </td><td> <input name="mail1" id="mail1" style="width:220px" value="<?echo stripslashes(htmlentities(RemoveXSS($user['mail1'])));?>"></td></tr>
		<tr><td>Secondary mail: </td><td> <input name="mail2" style="width:220px" value="<?echo stripslashes(htmlentities(RemoveXSS($user['mail2'])));?>"></td></tr>
		<tr><td>*Phone: </td><td> <input name="phone1" id="phone1" style="width:220px" value="<?echo stripslashes(htmlentities(RemoveXSS($user['phone1'])));?>"></td></tr>
		<tr><td>Mobile: </td><td> <input name="phone2" style="width:220px" value="<?echo stripslashes(htmlentities(RemoveXSS($user['phone2'])));?>"></td></tr>	
		<tr><td>New password: </td><td> <input autocomplete="off" type="password" name="password1" id="password1" style="width:220px"></td></tr>
		<tr><td>Confirm new password: </td><td><input autocomplete="off" type="password" name="password2" id="password2" style="width:220px"></td></tr>
		<input type="hidden" name="old_password" value="<?echo $user['password'];?>">
		<tr><td></td></tr>
		<tr><td></td></tr>
		<tr><td></td><td style="text-align: right"><input type="submit" value="Save"></td></tr>
	</table>
	<script type="text/javascript">
	document.myform.name.focus();
	</script>	
</form>
<?}?>
Return current item: Ptk-forensics