diff options
| author | Horus3 | 2014-03-12 19:32:07 +0100 |
|---|---|---|
| committer | Horus3 | 2014-03-12 19:32:07 +0100 |
| commit | 11f7f219b72c909cdbf74426e5095d9ee3ef8ec8 (patch) | |
| tree | bd40b8407a63724cea45076aa161fb617dabe09d | |
| parent | 9a63d1abed608ecce689fa4e7409c498c8d827ff (diff) | |
| download | files.iamfabulous.de-11f7f219b72c909cdbf74426e5095d9ee3ef8ec8.tar.gz | |
fixed PHP's bug with empty()
| -rw-r--r-- | www/functions/func_register.php | 14 | ||||
| -rw-r--r-- | www/functions/func_select.php | 15 | ||||
| -rw-r--r-- | www/upload.php | 5 |
3 files changed, 18 insertions, 16 deletions
diff --git a/www/functions/func_register.php b/www/functions/func_register.php index 3fc9949..10f1d5d 100644 --- a/www/functions/func_register.php +++ b/www/functions/func_register.php @@ -10,14 +10,14 @@ function register($db){ /* checking for empty password etc. */ if(($cleartext_password != $second_password) || !isset($_POST["pswd"]) || !isset($_POST["2ndpswd"]) || $cleartext_password == "" || empty($_POST["pswd"]) || empty($_POST["2ndpswd"])){ - header("Refresh: 0; register?reason=password"); + header("Refresh: 0; /register?reason=password"); return false; } /* TODO: allow full unicode */ if(preg_match("/[^-_0-9a-zA-Z]/", $name) || preg_match("/[^-_0-9a-zA-Z]/", $cleartext_password) || preg_match("/[^-_0-9a-zA-Z@.]/", $email)){ - header("Refresh: 0; register?reason=encoding"); + header("Refresh: 0; /register?reason=encoding"); return false; } @@ -27,14 +27,14 @@ function register($db){ /*Checks the validation of the registration attempt*/ $test_status_db = $db->query("SELECT status FROM user WHERE email='" . $safe_email . "';"); - $test_status_arr = $test_status_db->fetchArray(SQLITE3_NUM); - $test_status_int = $test_status_arr[0]; + $test_status_ar = $test_status_db->fetchArray(SQLITE3_NUM); + $test_status_int = $test_status_ar[0]; $test_key_db = $db->query("SELECT key FROM user WHERE email='" . $safe_email . "';"); - $test_key_arr = $test_key_db->fetchArray(SQLITE3_NUM); - $test_key = $test_key_arr[0]; + $test_key_ar = $test_key_db->fetchArray(SQLITE3_NUM); + $test_key = $test_key_ar[0]; - if (empty($test_status_db) || $test_status_int != 0 || $test_key != $_POST["key"] || $test_key == ""){ + if (empty($test_status_ar) || $test_status_int != 0 || $test_key != $_POST["key"] || $test_key == ""){ header("Refresh: 0; /register?reason=prohibited"); return false; } else { diff --git a/www/functions/func_select.php b/www/functions/func_select.php index dc649f2..4a803b2 100644 --- a/www/functions/func_select.php +++ b/www/functions/func_select.php @@ -13,21 +13,21 @@ function select($db){ } $owner_db = $db->query("SELECT id FROM user WHERE name='" . SQLite3::escapeString($user) . "';"); - if(empty($owner_db)){ + $owner_ar = $owner_db->fetchArray(SQLITE3_NUM); + if(empty($owner_ar)){ failure("This user doesn't exist."); } - $owner_ar = $owner_db->fetchArray(SQLITE3_NUM); $owner = $owner_ar[0]; $folder_array_unsafe = explode("/",$_GET["folder"]); $length = count($folder_array_unsafe); $root_db = $db->query("SELECT id FROM files WHERE parent=0 AND owner=" . $owner . " AND folder='DIRECTORY' " . $share . ";"); - if(empty($root_db)){ + $root_ar = $root_db->fetchArray(SQLITE3_NUM); + if(empty($root_ar)){ failure("There is something seriously wrong. If you are a human you should never read this. Mail the admin please."); } - $root_ar = $root_db->fetchArray(SQLITE3_NUM); $root_id = $root_ar[0]; $parentdir = SQLite3::escapeString($root_id); $temp_id = $root_id; @@ -36,10 +36,12 @@ function select($db){ if(!empty($folder_array_unsafe[$i])){ $parentdir_db = $db->query("SELECT id, parent FROM files WHERE owner=" . $owner . " AND folder='DIRECTORY' " . $share . " AND parent=" . $parentdir . " AND name='" . SQLite3::escapeString($folder_array_unsafe[$i]) . "';"); - if(empty($parentdir_db)){ + + $prim_id = $parentdir_db->fetchArray(SQLITE3_NUM); + if(empty($prim_id)){ failure("Database error."); } - $prim_id = $parentdir_db->fetchArray(SQLITE3_NUM); + if($parentdir != $prim_id[1]){ $wrong_folder = $folder_array_unsafe[$i]; @@ -70,7 +72,6 @@ function select($db){ $content[$count][6] = $row[6]; $content[$count][7] = $row[7]; $content[$count][8] = $row[8]; - //echo "<a href='/". $user . "/" . $content[$count][3] . "'>" . $content[$count][3] . "</a><br>"; $count++; } diff --git a/www/upload.php b/www/upload.php index 5c3f758..2858e72 100644 --- a/www/upload.php +++ b/www/upload.php @@ -67,7 +67,8 @@ function upload($db){ $filehash = hash_file("md5", $_FILES['userfile']['tmp_name']); $hashtest_db = $db->query("SELECT hash FROM files WHERE hash='" . $filehash ."';"); - if(empty($hashtest_db)){ + $hashtest_ar = $hashtest_ar->fetchArray(SQLITE3_NUM); + if(empty($hashtest_ar)){ if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir . $_FILES['userfile']['name'])){ @@ -110,7 +111,7 @@ function upload($db){ } } -function web_upload($db){ +function web_upload($db){ // no use atm $url = ; if(preg_match("/^((https?|ftp)?://|www\.|ftp\.)?([-a-z0-9+&@#/%?=~_|!:,.;]+\.)+[a-z]{2}[a-z]*/i", $url)){ echo "hyperlink detected"; |