connect_error) {
$success=0;
die("Connection failed: " . $conn->connect_error);
}
$date=date("Y-m-d");
$stmt = $conn->prepare("INSERT INTO incidents (description, status, opened) VALUES (?, 'open', ?)");
$stmt->bind_param("ss", $keyword,$date);
$keyword=htmlspecialchars($_POST["keyword"]);
$stmt->execute();
$stmt->close();
//get id of this incident
$stmt = $conn->prepare("SELECT id FROM incidents WHERE description = ?");
$stmt->bind_param("s", $keyword);
$keyword=htmlspecialchars($_POST["keyword"]);
$stmt->execute();
$result = $stmt->get_result();
$row = $result->fetch_assoc();
$incident_id=$row["id"];
$stmt->close();
$conn->close();
//add direcotrys etc
mkdir("/var/www/html/incidents/$incident_id/");
mkdir("/var/www/html/incidents/$incident_id/evidence");
echo '
Incident added successfully!
';
log_action("INCIDENT::ADD::SUCCESS","User ".$_SESSION["username"]." added an incident.",$_SESSION["id"]);
}
?>