From 47b7cb0aa65f7846997b11329e89db20a42ef9b2 Mon Sep 17 00:00:00 2001
From: jakani24 <janis.st44@gmail.com>
Date: Tue, 25 Jun 2024 20:19:04 +0200
Subject: [PATCH] Update manage_incident.php

---
 .../system/secure_zone/php/manage_incident.php    | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/src/server/cyberhex-code/system/secure_zone/php/manage_incident.php b/src/server/cyberhex-code/system/secure_zone/php/manage_incident.php
index 14f1796..1f8d1a1 100644
--- a/src/server/cyberhex-code/system/secure_zone/php/manage_incident.php
+++ b/src/server/cyberhex-code/system/secure_zone/php/manage_incident.php
@@ -11,6 +11,7 @@ if (!isset($_SESSION['username']) or !isset($_SESSION["login"])) {
 $username = $_SESSION['username'];
 $perms = $_SESSION["perms"];
 $email = $_SESSION["email"];
+$userid= $_SESSION["id"];
 if($perms[9]!=="1" && $perms[10]!=="1"){
 	header("location:/system/insecure_zone/php/no_access.php");
 	$block=1;
@@ -51,6 +52,20 @@ if(isset($_GET["add_todoitem"])){
 	$stmt->execute();
 	$stmt->close();	
 }
+
+if(isset($_GET["update_box_id"])){
+	$box_id=htmlspecialchars($_POST["update_box_id"]);
+	$status=htmlspecialchars($_GET["checked"]);
+	if($status=="true")
+		$status=1;
+	else
+		$status=0;
+	$sql="UPDATE todo_items SET done = ?, done_by = ? WHERE id = ?";
+	$stmt = $conn->prepare($sql);
+	$stmt->bind_param("iii", $status,$userid,$box_id);
+	$stmt->execute();
+	$stmt->close();	
+}
 ?>
 <!DOCTYPE html>
 <html lang="en">