diff options
| author | Horus3 | 2014-03-04 01:23:24 +0100 |
|---|---|---|
| committer | Horus3 | 2014-03-04 01:23:24 +0100 |
| commit | 0010ec225ec443e2b8a6ee77d9d66d968d72982b (patch) | |
| tree | aa961fb9205367a8ea1841609fe4a981f9fadc12 | |
| parent | 3e011f9723030f30085226db27e223f638db5d7b (diff) | |
| download | files.iamfabulous.de-0010ec225ec443e2b8a6ee77d9d66d968d72982b.tar.gz | |
checks if folder_string exists
| -rw-r--r-- | www/select.php | 53 |
1 files changed, 43 insertions, 10 deletions
diff --git a/www/select.php b/www/select.php index 494709f..2dc1506 100644 --- a/www/select.php +++ b/www/select.php @@ -4,17 +4,48 @@ session_start(); $db = new SQLite3("../database/sqlite.db"); -$owner_db = $db->query("SELECT id FROM user WHERE name='" . SQLite3::escapeString($_SESSION[username]) . "';"); -$owner_ar = $owner_db->fetchArray(SQLITE3_NUM); -$owner = $owner_ar[0]; +function failure($reason){ + echo "A 404 error occurred. <br>"; + echo $reason; + exit; +} -if(empty($_GET["folder"])){ - $parentdir=0; +if(!empty($_GET["name"])){ + $user = $_GET["name"]; } else { - $folder_array_unsafe = explode("/",$_GET["folder"]); - $length = count($folder_array_unsafe); + failure("No user found."); } +$owner_db = $db->query("SELECT id FROM user WHERE name='" . SQLite3::escapeString($user) . "';"); +$owner_ar = $owner_db->fetchArray(SQLITE3_NUM); +$owner = $owner_ar[0]; + +$folder_array_unsafe = explode("/",$_GET["folder"]); +$length = count($folder_array_unsafe); + +$root_db = $db->query("SELECT id FROM files WHERE owner= " . $owner . "AND folder='DIRECTORY' AND share='PUBLIC' AND parent=0;"); +$root_ar = $root_db->fetchArray(SQLITE3_NUM); +$root_id = $root_ar[0]; +$parentdir = SQLite3::escapeString($root_id); +$temp_id = $root_id; + + +for($i=0; $i<$length; $i++){ + $parentdir_db = $db->query("SELECT id, parent WHERE owner=" . $owner . "AND folder='DIRECTORY' AND share='PUBLIC' AND parent=" . $parentdir . " AND name='" . SQLite3::escapeString($folder_array_unsafe[$i] . "';"); + if(empty($parentdir_db)){ + failure("This folder doesn't exist."); + } + $parentdir_ar = $parentdir_db->fetchArray(SQLITE3_NUM); + if($temp_id != $parentdir_ar[1]){ + failure("This folder doesn't exist."); + } else { + $temp_id = $parentdir_ar[0]; + } + + echo $folder_array_unsafe[$i]; + echo "<br>"; +} +/* $count=0; $result_db = $db->query("SELECT id, parent, name, share FROM files WHERE owner=$owner AND folder='DIRECTORY' AND share='PUBLIC';"); @@ -24,16 +55,18 @@ while($result[$count] = $result_db->fetchArray(SQLITE3_NUM)){ echo "Found " . $count . " folder. <br>"; +*/ +/* for($i=0;$i<$count;$i++){ echo "name: " . $result[$i][2] . "<br>"; -/* + for($j=0;$j < count($result[$i]); $j++){ echo "name: " . $result[$i][$j] . "<br>"; } -*/ -} +} +*/ /* while($result[$count]=$result_db->fetchArray(SQLITE3_NUM)){ while(!empty($result)){ |