checks if exists

1 files changed, 27 insertions, 72 deletions

diff --git a/www/select.php b/www/select.php
index 2dc1506..5f6504b 100644
--- a/www/select.php
+++ b/www/select.php
@@ -2,6 +2,12 @@
 
 session_start();
 
+if($_SESSION["login"]){
+	$share="";
+} else  {
+	$share ="AND share='PUBLIC'";
+}
+
 $db = new SQLite3("../database/sqlite.db");
 
 function failure($reason){
@@ -13,17 +19,26 @@ function failure($reason){
 if(!empty($_GET["name"])){
 	$user = $_GET["name"];
 } else {
-	failure("No user found.");
+	failure("No user input.");
 }
 
 $owner_db = $db->query("SELECT id FROM user WHERE name='" . SQLite3::escapeString($user) . "';");
+
+if(empty($owner_db)){
+	failure("This user doesn't exist.");
+}
+
 $owner_ar = $owner_db->fetchArray(SQLITE3_NUM);
 $owner    = $owner_ar[0];
 
 $folder_array_unsafe = explode("/",$_GET["folder"]);
 $length = count($folder_array_unsafe);
 
-$root_db = $db->query("SELECT id FROM files WHERE owner= " . $owner . "AND folder='DIRECTORY' AND share='PUBLIC' AND parent=0;");
+
+$root_db = $db->query("SELECT id FROM files WHERE parent=0 AND owner=" . $owner . " AND folder='DIRECTORY' " . $share . ";");
+if(empty($root_db)){
+	failure("There is something seriously wrong. If you are a human you should never read this. Mail the admin please.");
+}
 $root_ar = $root_db->fetchArray(SQLITE3_NUM);
 $root_id = $root_ar[0];
 $parentdir = SQLite3::escapeString($root_id);
@@ -31,80 +46,20 @@ $temp_id = $root_id;
 
 
 for($i=0; $i<$length; $i++){
-	$parentdir_db = $db->query("SELECT id, parent WHERE owner=" . $owner . "AND folder='DIRECTORY' AND share='PUBLIC' AND parent=" . $parentdir . " AND name='" . SQLite3::escapeString($folder_array_unsafe[$i] . "';");
-	if(empty($parentdir_db)){
-		failure("This folder doesn't exist.");
-	}
-	$parentdir_ar = $parentdir_db->fetchArray(SQLITE3_NUM);
-	if($temp_id != $parentdir_ar[1]){
-		failure("This folder doesn't exist.");
-	} else {
-		$temp_id = $parentdir_ar[0];
-	}
-
-	echo $folder_array_unsafe[$i];
-	echo "<br>";
-}
-/*
-$count=0;
-$result_db = $db->query("SELECT id, parent, name, share FROM files WHERE owner=$owner AND folder='DIRECTORY' AND share='PUBLIC';");
-
-while($result[$count] = $result_db->fetchArray(SQLITE3_NUM)){
-	$count++;
-}
-
-echo "Found " . $count . " folder. <br>";
 
-*/
-/*
-for($i=0;$i<$count;$i++){
-
-	echo "name: " . $result[$i][2] . "<br>";
-
-	for($j=0;$j < count($result[$i]); $j++){
-		echo "name: " . $result[$i][$j] . "<br>";
-	}
-
-}
-*/
-/*
-while($result[$count]=$result_db->fetchArray(SQLITE3_NUM)){
-	while(!empty($result)){
-		$dimension = count($result);
-		for($i=0;$i<$dimension;$i++){
-			echo "result: " . $result[$i][2] . " dimension: " . $dimension . " ";
-			$parentdir=$result[$i][0];
-			$result_db = $db->query("SELECT id, parent, name, share FROM files WHERE parent='$parentdir' AND owner=$owner AND folder='DIRECTORY' AND share='PUBLIC';");
-			$result[$count]=$result_db->fetchArray();
+	if(!empty($folder_array_unsafe[$i])){
+		$parentdir_db = $db->query("SELECT id, parent FROM files WHERE owner=" . $owner . " AND folder='DIRECTORY' " . $share . " AND parent=" . $parentdir . " AND name='" . SQLite3::escapeString($folder_array_unsafe[$i]) . "';");
+		if(empty($parentdir_db)){
+			failure("Database error.");
+		}
+		$prim_id = $parentdir_db->fetchArray(SQLITE3_NUM);
+		if($parentdir != $prim_id[1]){
+			failure("This folder doesn't exist. Folder: " . $folder_array_unsafe[$i]);
 		}
-	}
-			$count++;
-}
-*/
-
-
-/*
-function select_db ($db, $owner, $parentdir){
-	$result_db = $db->query("SELECT id, parent, name, share FROM files WHERE parent=$parentdir AND owner=$owner AND folder='DIRECTORY' AND share='PUBLIC';");
-
-	$count=0;
-	while ($result = $result_db->fetchArray()){
-		$array[$count]=$result;			/*2D Array, an Stelle $count ist das $result Array mit Ergebnissen des SELECTs abgelegt*/
-/*		$count++;
-	}
-	return $array;
-}
-
-$row = select_db($db, $user, $parent);
-$dimension = count($row);
-echo "dimension: " . $dimension . "<br>";
 
-for($i=0;$i<$dimension;$i++){
-	echo "length [$i]: " . count($row[$i]) . "<br>";
+		$parentdir = $prim_id[0];
+		echo SQLite3::escapeString($folder_array_unsafe[$i]);
 
-	for($j=0;$j<4;$j++){
-		print_r($row[$i][$j]);
 		echo "<br>";
 	}
 }
-*/