From d2e98bef69068c6571c05832855f2827e32b6e1e Mon Sep 17 00:00:00 2001 From: jakani24 Date: Tue, 25 Jun 2024 21:19:00 +0200 Subject: [PATCH] Update manage_incident.php --- .../secure_zone/php/manage_incident.php | 33 +++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/src/server/cyberhex-code/system/secure_zone/php/manage_incident.php b/src/server/cyberhex-code/system/secure_zone/php/manage_incident.php index 4d162ea..52d26cf 100644 --- a/src/server/cyberhex-code/system/secure_zone/php/manage_incident.php +++ b/src/server/cyberhex-code/system/secure_zone/php/manage_incident.php @@ -77,6 +77,17 @@ if(isset($_GET["upload_evidence"])){ $target_file = $target_dir . $new_filename; move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file); } + +if(isset($_GET["add_message"])){ + $incident_id=htmlspecialchars($_GET["incident_id"]); + $message=htmlspecialchars($_POST["message"]); + $sent=date("Y-m-d H-i-s"); + $sql="INSERT INTO chats (belongs_to_incident,text,sent,from_userid)"; + $stmt = $conn->prepare($sql); + $stmt->bind_param("iii", $incident_id,$message,$box_id,$sent,$userid); + $stmt->execute(); + $stmt->close(); +} ?> @@ -183,6 +194,28 @@ if(isset($_GET["upload_evidence"])){ "); //display messages + echo("

Messages

"); + $sql="SELECT * FROM chats WHERE belongs_to_incident = ?"; + $stmt = $conn->prepare($sql_lists); + $incident_id=htmlspecialchars($_GET["incident_id"]); + $stmt->bind_param("i", $incident_id); + $stmt->execute(); + $result_lists = $stmt->get_result(); + echo(""); + echo(""); + while($list = $result_lists->fetch_assoc()) { + $message=$list["text"]; + $date=$list["sent"]; + $sql="SELECT username FROM users WHERE id=?"; + $stmt2 = $conn->prepare($sql); + $stmt2->bind_param("i", $entry["done_by"]); + $stmt2->execute(); + $result_lists2 = $stmt2->get_result(); + $user = $result_lists2->fetch_assoc(); + $from=$user["username"]; + echo(""); + } + echo("
MessageFromDate
$message$from$date
"); ?>