Removed more warnings.

Added and reorganized inline docs. Every file should have a small header explaining what the file does and what the paramerters are.

6 files changed, 75 insertions, 33 deletions

diff --git a/www/createfolder.php b/www/createfolder.php
index 64d99a4..bdba626 100755
--- a/www/createfolder.php
+++ b/www/createfolder.php
@@ -2,7 +2,7 @@
 
 session_start();
 
-if(!$_SESSION["login"]){
+if(!isset($_SESSION["login"])){
 	header("Refresh: 0; /login");
 	exit;
 }
@@ -59,7 +59,7 @@ if($_SERVER['REQUEST_METHOD'] == 'POST'){
 					database_error();
 				}
 			} else {
-				$primary_key_db = $db->query("SELECT id FROM files WHERE name='" . $pwd . "';");
+				$primary_key_db = $db->query("SELECT id FROM files WHERE name='".$pwd."';"); //TODO That doesn't make any sense to me at all!
 				$primary_key_ar = $primary_key_db->fetchArray(SQLITE3_NUM);
 				$primary_key = $primary_key_ar[0];
 				if($db->exec("
diff --git a/www/httperror.php b/www/httperror.php
index a51e98d..d96f5c2 100755
--- a/www/httperror.php
+++ b/www/httperror.php
@@ -1,17 +1,19 @@
 <?php
 /*
-	GET Parameter, die von nginx übergeben werden:
-	
-	$_GET["e"] = 	404 Fehler
-			403 Fehler
-			401 Fehler
-			500 Fehler
-			502 Fehler
-			504 Fehler
-
-	Variablen, die der Funktion übergeben werden:
-
-	$wrong_folder: 		enthält den ersten Ordner, der nicht in der Datenbank gespeichert ist, also zB. "Bildr"
+	Displays the error pages. Implemented error provided via $_GET["e"] are: 
+	401
+	403
+	500
+	502
+	504
+	
+	404 is displayed if $_GET["e"] is not set. 
+	
+	The element that wasn't found is provided in $wrong_folder.
+	
+	$working_path contains the parent of the requested element.
+	
+	==================================================================================================================================================
 */
 ?>
 
diff --git a/www/index.php b/www/index.php
index f07a8d7..25a63e4 100755
--- a/www/index.php
+++ b/www/index.php
@@ -8,7 +8,7 @@ $db = new SQLite3("../database/sqlite.db");
 
 
 if(empty($_GET)){
-	if(!$_SESSION["login"]){
+	if(!isset($_SESSION["login"])){
 		header("Refresh: 0; /login");
 		exit;
 	} else {
diff --git a/www/invite.php b/www/invite.php
index 8eb721d..02f1617 100755
--- a/www/invite.php
+++ b/www/invite.php
@@ -1,4 +1,20 @@
-<?php include("static/header.html")?>
+<?php 
+	/*Displays the invite page and possible errors. Users can enter an email address and invite other people to join vfs.
+	Permission has already been checked.
+	
+	$_GET["reason"] can have the following values:
+	
+		invites: Specifies that the user has already reached his invite limit. No mail is send
+		
+		database: Specifies that the request could not be fullfilled due to a database error. No mail is send
+		
+		succuss: Specifies that the request was successfull. The new user has been invited.
+	
+	==================================================================================================================================================
+	*/
+
+
+include("static/header.html")?>
 
 	<link rel="stylesheet" type="text/css" href="/static/invite.css">
 	
diff --git a/www/login.php b/www/login.php
index c2847b3..3207703 100755
--- a/www/login.php
+++ b/www/login.php
@@ -1,13 +1,19 @@
 <?php
-/*
-	$_GET Paramter für Oli von Max:
-
-	--LOGIN--
-
-	$_GET["username"]: 	derjenige, der sich ein-/ausloggt (wird immer mitgegeben)
-	$_GET["reason"]:	failure 	wenn das Passwort aus der Datenbank nicht übereinstimmt mit dem eingegeben
-				database	wenn aus irgendwelchen Gründen nicht in die Datenbank geschrieben werden kann aka. transaction failed
-				logout		nachdem logout erfolgreich war (man wird auf /login wieder zurück geleitet)
+	/*
+	Displays the login page and possible errors. Users can enter their username and password to login. TODO recover Password
+	It has already been checked that the user isn't already logged in.
+	
+	$_GET["reason"] can have the following values:
+	
+		failure: Specifies that the username and password didn't match. The user is not logged in.
+		
+		database: Specifies that the request could not be fullfilled due to a database error. The user is not logged in.
+		
+		succuss: Specifies that the request was successfull. TODO should probably redirect to user root.
+		
+	$_GET["username"] contains the username if a prior attempt to login wasn't successfull.
+	
+	==================================================================================================================================================
 
 */
 ?>
diff --git a/www/register.php b/www/register.php
index 07f1535..71bd87b 100755
--- a/www/register.php
+++ b/www/register.php
@@ -1,14 +1,32 @@
 <?php
 /*
-	$_GET Paramter für Oli von Max:
+	Displays the register page and possible errors. Users specify their username and password and email address to register. As this page is invite-only users must enter their invite-key aswell.
 	
-	--REGISTER--
-
-	$_GET["username"]:      derjenige, der sich registriert (wird immer mitgegeben)
-	$_GET["reason"]:	password:	leeres Passwort, oder die beiden einzugebenen stimmen nicht überein
-				encoding:	es wurden unzulässige Zeichen eingegeben 	#TODO volle Unicode Unterstützung
-				prohibited:	a) invite key stimmt nicht, b) status bit in der Datenbank ist falsch gesetzt (gesperrt), c) die versuchte E-Mail stimmt nicht mit der überein, die vom Inviter angegeben wurd 	# c) sollten wir noch ändern, nich?
-				database:	Fehler mit der Datenbank
+	TODO the email cannot differ from the address the mail was sent to.
+	
+	It has already been checked that the user isn't already logged in.
+	
+	$_GET["reason"] can have the following values:
+	
+		password: Specifies that the password wasn't the same in both fields. The user is not registered.
+		
+		database: Specifies that the request could not be fullfilled due to a database error. The user is not registered.
+		
+		encoding: Specifies that the request could not be fullfilled due to invalid symbols in the password. TODO we should support the whole UTF-8
+		
+		prohibited: Specifies that the request could not be fullfilled because the account has been marked "blocked"
+		
+		TODO success?
+		
+		TODO provide the entered data if an error occurred.
+		
+			TODO username?
+		
+			TODO email?
+		
+			TODO invite-key?
+	
+	==================================================================================================================================================
 
 */
 ?>