Upload checks if file already exist. If true, it just do the database linking.

author: Horus3 2014-03-11 17:31:52 +0100
committer: Horus3 2014-03-11 17:31:52 +0100
commit: 67e117d18f9ed0db28d31a03da42bb7b1050d33e (patch)
tree: 9c3a9b87fc578c0c21311e28cbb073ac14bb845b
parent: f938f30ff922e5073f71cd80a70ad74b7d8f93f5 (diff)
download: files.iamfabulous.de-67e117d18f9ed0db28d31a03da42bb7b1050d33e.tar.gz
4 files changed, 51 insertions, 21 deletions
diff --git a/www/createfolder.php b/www/createfolder.php
index bba776d..00d6d43 100644
--- a/www/createfolder.php
+++ b/www/createfolder.php
@@ -36,7 +36,7 @@ if($_SERVER['REQUEST_METHOD'] == 'POST'){
 
 	$db = new SQLite3("../database/sqlite.db");
 
-	$id_db = $db->query("SELECT id FROM user WHERE name='$sname';");
+	$id_db = $db->query("SELECT id FROM user WHERE name='" . $sname . "';");
 	$id_ar = $id_db->fetchArray(SQLITE3_NUM);
 	$id = $id_ar[0];
 
@@ -49,9 +49,9 @@ if($_SERVER['REQUEST_METHOD'] == 'POST'){
 			$folder_array[$i]=SQLite3::escapeString("$folder_array_unsafe[$i]");
 			if($absolutpath){
 				if($db->exec("
-					INSERT INTO files (id, parent, owner, name, folder, share) VALUES (NULL, $k, $id, '$folder_array[$i]', '$type', '$public');
+					INSERT INTO files (id, parent, owner, name, folder, size, share, hash) VALUES (NULL, " . $k . ", " . $id . ", '" . $folder_array[$i] . "', '" . $type . "', 0, '" . $public . "', '');
 				")){
-					$primary_key_db = $db->query("SELECT id FROM files WHERE name='$folder_array[$i]'");
+					$primary_key_db = $db->query("SELECT id FROM files WHERE name='" . $folder_array[$i] . "';");
 					$primary_key_ar = $primary_key_db->fetchArray(SQLITE3_NUM);
 					$primary_key = $primary_key_ar[0];
 					$k=$primary_key;
@@ -59,12 +59,12 @@ if($_SERVER['REQUEST_METHOD'] == 'POST'){
 					database_error();
 				}
 			} else {
-				$primary_key_db = $db->query("SELECT id FROM files WHERE name='$pwd'");
+				$primary_key_db = $db->query("SELECT id FROM files WHERE name='" . $pwd . "';");
 				$primary_key_ar = $primary_key_db->fetchArray(SQLITE3_NUM);
 				$primary_key = $primary_key_ar[0];
 				if($db->exec("
 					BEGIN TRANSACTION;
-					INSERT INTO files (id, parent, owner, name, folder, share) VALUES (NULL, $primary_key, $id, '$folder_array[$i]', '$type', '$public');
+					INSERT INTO files (id, parent, owner, name, folder, size, share, hash) VALUES (NULL, " . $primary_key . ", " . $id . ", '" . $folder_array[$i] . "', '" . $type . "', 0, '" . $public . "', '');
 					COMMIT;
 				")){
 					$pwd='$folder_array[$i]';
@@ -76,7 +76,7 @@ if($_SERVER['REQUEST_METHOD'] == 'POST'){
 
 	}
 
-	header("Refresh: 0; /$name");
+	header("Refresh: 0; /" . $name);
 
 } else {
 
diff --git a/www/functions.php b/www/functions.php
index 3e29ffd..091a1a1 100644
--- a/www/functions.php
+++ b/www/functions.php
@@ -221,7 +221,7 @@ function register($db){
 			if($db->exec("
 				BEGIN TRANSACTION;
 				UPDATE user SET name='$safe_name', salt='$salt', password='$hash_password', invites=5, status=1, register=(SELECT datetime()) WHERE id=$id;
-				INSERT INTO files (id, parent, owner, name, folder, mime, size, share, extra) VALUES (NULL, 0, $id, '/', 'DIRECTORY', NULL, NULL, 'PUBLIC', NULL);
+				INSERT INTO files (id, parent, owner, name, folder, mime, size, share, size, hash) VALUES (NULL, 0, $id, '/', 'DIRECTORY', NULL, NULL, 'PUBLIC', 0, '');
 				COMMIT;")
 			){
 				$_SESSION["login"] = true;
diff --git a/www/setup.php b/www/setup.php
index 660dc1b..01867eb 100644
--- a/www/setup.php
+++ b/www/setup.php
@@ -37,7 +37,7 @@ if($bool){
 		BEGIN TRANSACTION;
 		CREATE TABLE IF NOT EXISTS user (id INTEGER PRIMARY KEY, name TEXT UIQUE, salt TEXT, password TEXT, email TEXT UNIQUE, invites INTEGER, senpai INTEGER, key TEXT, status INTEGER, register TEXT);
 		INSERT INTO user (id, name, senpai, key, status, invites, salt, password, email, register) VALUES (NULL, 'admin', 0, '11111', 1, 5, '$salt', '$hash_password', '$email', (SELECT datetime()) );
-		CREATE TABLE IF NOT EXISTS files (id INTEGER PRIMARY KEY, parent INTEGER, owner INTEGER, name TEXT, folder TEXT, mime TEXT, size INTEGER, share TEXT, extra TEXT, FOREIGN KEY(owner) REFERENCES user(id));
+		CREATE TABLE IF NOT EXISTS files (id INTEGER PRIMARY KEY, parent INTEGER, owner INTEGER, name TEXT, folder TEXT, mime TEXT, size INTEGER, share TEXT, hash TEXT, FOREIGN KEY(owner) REFERENCES user(id));
 		CREATE TABLE IF NOT EXISTS log (id INTEGER PRIMARY KEY, user INTEGER, login TEXT, FOREIGN KEY(user) REFERENCES user(id));
 		COMMIT;")
 	) {
diff --git a/www/upload.php b/www/upload.php
index 1c64fa1..ed25d85 100644
--- a/www/upload.php
+++ b/www/upload.php
@@ -10,6 +10,18 @@ function error($reason){
 	exit;
 }
 
+function database_upload($db, $parentdir, $owner, $filename, $folder, $mime, $size, $share, $filehash){
+	if($db->exec("
+		BEGIN TRANSACTION;
+		INSERT INTO files (id, parent, owner, name, folder, mime, size, share, hash) VALUES (NULL, " . $parentdir . ", " . $owner . ", '" . $filename . "', '" . $folder . "', '" . $mime . "', '" . $size . "', '" . $share ."', '" . $filehash . "');
+		COMMIT;
+	")){
+		return true;
+	} else  {
+		return false;
+	}
+}
+
 function upload($db){
 
 	if(!$_SESSION["login"]){
@@ -47,36 +59,54 @@ function upload($db){
 	$folder = "FILE";
 	$mime = $_FILES['userfile']['type'];
 	$size = $_FILES['userfile']['size'];
-	$share = SQLite3::escapeString('$_POST[share]');
+	$share = SQLite3::escapeString($_POST['share']);
 
 	$uploaddir = "../files/";
 
-	if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir . $_FILES['userfile']['name'])){
-		if($db->exec("
-			BEGIN TRANSACTION;
-			INSERT INTO files (id, parent, owner, name, folder, mime, size, share) VALUES (NULL, " . $parentdir . ", " . $owner . ", '" . $filename . "', '" . $folder . "', '" . $mime . "', '" . $size . "', '" . $share ."');
-			COMMIT;
-		")){
-			$id = $db->lastInsertRowID();
-			$gzfile = $uploaddir . $id . ".gz";
-			$fp = gzopen($gzfile, 'w9');
-			if(gzwrite($fp, file_get_contents($uploaddir . $filename))){
+	//$filehash = hash_file("md5", $uploaddir . $filename);
+	$filehash = hash_file("md5", $_FILES['userfile']['tmp_name']);
+
+	$hashtest_db = $db->query("SELECT hash FROM files WHERE hash='" . $filehash ."';");
+	if(empty($hashtest_db)){
+
+		if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir . $_FILES['userfile']['name'])){
+
+			if(database_upload($db, $parentdir, $owner, $filename, $folder, $mime, $size, $share, $filehash)){
+				$gzfile = $uploaddir . $filehash . ".gz";
+				$fp = gzopen($gzfile, 'w9');
+
+				if(!gzwrite($fp, file_get_contents($uploaddir . $filename))){
+					error("Something wrong writh the intern file handling.");
+				}
+
 				if(!gzclose($fp)){
 					error("Something wrong writh the intern file handling.");
 				}
+
 				if(!unlink($uploaddir . $filename)){
 					error("Something wrong writh the intern file handling.");
 				}
+
 				echo "Success!";
+
 			} else {
+				error("Database error.");
+			}
+
+		} else {
+			error("Moving failed.");
+		}
+	} else {
+		if(database_upload($db, $parentdir, $owner, $filename, $folder, $mime, $size, $share, $filehash)){
+
+			if(!unlink($_FILES['userfile']['tmp_name'])){
 				error("Something wrong writh the intern file handling.");
 			}
+			echo "Success!";
 
 		} else {
 			error("Database error.");
 		}
-	} else{
-		error("Upload failed");
 	}
 }
author	Horus3	2014-03-11 17:31:52 +0100
committer	Horus3	2014-03-11 17:31:52 +0100
commit	67e117d18f9ed0db28d31a03da42bb7b1050d33e (patch)
tree	9c3a9b87fc578c0c21311e28cbb073ac14bb845b
parent	f938f30ff922e5073f71cd80a70ad74b7d8f93f5 (diff)
download	files.iamfabulous.de-67e117d18f9ed0db28d31a03da42bb7b1050d33e.tar.gz