Ejemplo n.º 1
    exit(0);
}
// Check if a risk ID was sent
// Reads the risk id from the query string or the form body (GET wins when both
// are present), loads that risk, maps its calculated score to a level name and
// sets $approved when the session carries the review flag for that level.
// The enclosing if is still open where this excerpt ends.
if (isset($_GET['id']) || isset($_POST['id'])) {
    // NOTE(review): htmlentities() is HTML output encoding, not input validation.
    // The encoded string is what gets passed to get_risk_by_id() below; whether
    // that lookup binds it as a parameter is not visible here — confirm, and
    // consider rejecting anything that is not a plain integer id at this boundary.
    if (isset($_GET['id'])) {
        $id = htmlentities($_GET['id']);
    } else {
        // Redundant re-check: the outer condition already guarantees the POST id is set here.
        if (isset($_POST['id'])) {
            $id = htmlentities($_POST['id']);
        }
    }
    // Get the details of the risk
    // NOTE(review): $risk[0] is indexed without checking that a row came back;
    // presumably an unknown id yields an empty result — verify against get_risk_by_id().
    $risk = get_risk_by_id($id);
    $subject = htmlentities($risk[0]['subject']);
    $calculated_risk = $risk[0]['calculated_risk'];
    $risk_level = get_risk_level_name($calculated_risk);
    // NOTE(review): $approved is only ever assigned true in this excerpt. Unless
    // it is initialised to false before this point (not visible), it stays
    // undefined when no branch matches, including any level name other than
    // "High", "Medium" or "Low"; downstream checks should deny by default.
    // The session flags are compared with loose ==, so "1" and true also match.
    // If the risk level is high and they have permission
    if ($risk_level == "High" && $_SESSION['review_high'] == 1) {
        // Review is approved
        $approved = true;
    } else {
        if ($risk_level == "Medium" && $_SESSION['review_medium'] == 1) {
            // Review is approved
            $approved = true;
        } else {
            if ($risk_level == "Low" && $_SESSION['review_low'] == 1) {
                // Review is approved
                $approved = true;
            }
        }
    }
Ejemplo n.º 2
                  <li><a href="/management/mgmt_review.php?id=<?php 
// NOTE(review): $id is written into a double-quoted href query string here and
// again below. Its assignment is not visible in this excerpt — confirm it is
// validated (for example as an integer) or encoded for the URL/attribute
// context before it reaches this template.
echo $id;
?>
">Perform a Review</a></li>
                  <li><a href="/management/comment.php?id=<?php 
echo $id;
?>
">Add a Comment</a></li>
                </ul>
              </div>
              <h4>Risk ID: <?php 
// Same $id, this time as element text.
echo $id;
?>
</h4>
              <h4>Calculated Risk: <?php 
// NOTE(review): the score and the level name are concatenated and echoed with
// no escaping at this site; presumably both are server-derived — verify.
echo $calculated_risk . " (" . get_risk_level_name($calculated_risk) . ")";
?>
</h4>
              <h4>Status: <?php 
// NOTE(review): $status is echoed as element text with no escaping here; where
// it is set is not visible in this excerpt — confirm it is HTML-encoded
// upstream or wrap it at the point of output.
echo $status;
?>
</h4>
            </div>
          </div>
          <div class="row-fluid">
            <form name="submit_risk" method="post" action="">
            <div class="span4">
              <div class="well">
                <h4>Details</h4>
<?php 
// If the user has selected to edit the risk