authormoehm2014-03-19 19:29:43 +0100
committermoehm2014-03-19 19:29:43 +0100
commitbafaf5fad9266612c172c58360587832b8edb1b9 (patch)
treebd5cbd384eabdac74002e3e5cf09686c9d217ae3
parentc526938c960524e8e79124890875cd7afeae1d7f (diff)
downloadfiles.iamfabulous.de-bafaf5fad9266612c172c58360587832b8edb1b9.tar.gz
Added delete_folder and fixed some security issues.
-rw-r--r--www/constants.php17
-rw-r--r--www/functions/func_delete.php114
-rwxr-xr-xwww/include.php4
3 files changed, 124 insertions, 11 deletions
diff --git a/www/constants.php b/www/constants.php
index 2984c3a..1cdc32d 100644
--- a/www/constants.php
+++ b/www/constants.php
@@ -52,7 +52,18 @@ define("DELETE_FILE_SUCCESS", 39);
define("DELETE_FILE_DATABASE", 40);
define("DELETE_FILE_UNLINK", 41);
define("DELETE_FILE_NO_FILE", 42);
+define("DELETE_FILE_LOGIN", 43);
+define("DELETE_FILE_NOT_OWNER", 44);
-define("DELETE_USER_SUCCESS", 43);
-define("DELETE_USER_FILE_DELETE", 44);
-define("DELETE_USER_DATABASE", 45);
+define("DELETE_USER_SUCCESS", 45);
+define("DELETE_USER_FILE_DELETE", 46);
+define("DELETE_USER_DATABASE", 47);
+define("DELETE_USER_LOGIN", 48);
+define("DELETE_USER_EMPTY_PASSWORD", 49);
+define("DELETE_USER_WRONG_PASSWORD", 50);
+
+define("DELETE_FOLDER_SUCCESS", 51);
+define("DELETE_USER_NOT_OWNER", 52);
+define("DELETE_FOLDER_DATABASE", 53);
+define("DELETE_FOLDER_LOGIN", 54);
+define("DELETE_FOLDER_NOT_EMPTY", 55);
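Review bot: `DELETE_USER_NOT_OWNER` (52) sits inside the new DELETE_FOLDER group, and delete_folder in func_delete.php returns `DELETE_FOLDER_NOT_OWNER`, which nothing defines, so that return path would hit an undefined constant; the line was presumably meant to read `define("DELETE_FOLDER_NOT_OWNER", 52);`. Shifting DELETE_USER_SUCCESS/FILE_DELETE/DATABASE from 43-45 to 45-47 changes values that any caller comparing literal numbers, or any persisted status code, would still see under the old meaning; if the codes are only ever compared by name that is harmless, but the commit message should say so.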
diff --git a/www/functions/func_delete.php b/www/functions/func_delete.php
index 2dab9e2..821f1aa 100644
--- a/www/functions/func_delete.php
+++ b/www/functions/func_delete.php
@@ -1,11 +1,23 @@
<?php
function delete_file($user, $path){
+
+ if(!$_SESSION["login"]){
+ return DELETE_FILE_LOGIN;
+ }
+
$db = $GLOBALS["db"];
$uploaddir = "../files/";
$file_id = select_file_id($db, $user, $path);
+ $file_owner_db = $db->query("SELECT owner FROM files WHERE id=".$file_id.";");
+ $file_owner_ar = $file_owner_db->fetchArray(SQLITE3_NUM);
+
+ if($file_owner_ar[0] != $_SESSION["userid"]){
+ return DELETE_FILE_NOT_OWNER;
+ }
+
$check_if_file_db = $db->query("SELECT folder, hash FROM files WHERE id=".$file_id.";");
$check_if_file_ar = $check_if_file_db->fetchArray(SQLITE3_NUM);
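Review bot: The new owner lookup runs before the existence check, so a path that select_file_id cannot resolve puts an empty id into `SELECT owner FROM files WHERE id=;`, the query fails, `$file_owner_db` is false and the `fetchArray` call on it is a fatal error instead of the DELETE_FILE_NO_FILE return further down. Test the id first (whatever sentinel select_file_id returns on a miss is not visible here) and bind it instead of concatenating: `$st = $db->prepare("SELECT owner FROM files WHERE id=:id;"); $st->bindValue(':id', $file_id); $file_owner_ar = $st->execute()->fetchArray(SQLITE3_NUM);`, followed by `if($file_owner_ar === false){ return DELETE_FILE_NO_FILE; }`. The login and owner tests rely on loose forms — `$_SESSION["login"]` read without isset, and `!=` against the session userid — where `empty($_SESSION["login"])` and `(int)$file_owner_ar[0] !== (int)$_SESSION["userid"]` do not depend on type juggling. delete_file continues past the end of this hunk.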
@@ -15,8 +27,41 @@ function delete_file($user, $path){
$file_hash = $check_if_file_ar[1];
- if(!unlink($uploaddir.$file_hash.".gz")){
- return DELETE_FILE_UNLINK;
+ $hash_array_db = $db->query("SELECT hash FROM files WHERE hash='".$file_hash.";'");
+ $count = 0;
+
+ while($row1 = $hash_array_db->fetchArray(SQLITE3_NUM)){
+ $hash_ar[$count] = $row1[0];
+ $count++;
+ }
+
+ $count = 0;
+
+ for($i=0; $i<count($hash_ar); $i++){
+ $file_id_owner_db = $db->query("SELECT id, owner FROM files WHERE folder='FILE' AND hash='".$hash_ar[$i]. "';");
+ while($row2 = $file_id_owner->fetchArray(SQLITE3_NUM)){
+ if($row2[1] != $_SESSION["userid"]){
+ $saved_files[$count] = $hash_ar[$i];
+ }
+ $count++;
+ }
+ }
+
+ for($i=0; $i<count($saved_files); $i++){
+ $cur = $saved_files[$i];
+ for($j=0; $j<count($hash_ar); $j++){
+ if($cur == $hash_ar[$j]){
+ $hash_ar[$j] = "";
+ }
+ }
+ }
+
+ for($i=0; $<count($hash_ar); $i++){
+ if(!unlink($uploaddir.$file_hash.".gz")){
+ if(!$file_hash[$i] != ""){
+ return DELETE_FILE_UNLINK;
+ }
+ }
}
if($db->exec("
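Review bot: The new dedup block in delete_file cannot run as written: `for($i=0; $<count($hash_ar); $i++)` is a parse error that stops the whole file from loading (the same `$<count` survives as context in delete_user's hunk at old line 67), `$file_id_owner->fetchArray(...)` reads a variable that is never assigned — the result is in `$file_id_owner_db`, and delete_user's copy of the loop has the identical slip — the query `hash='".$file_hash.";'"` places the semicolon inside the quotes so it matches a hash ending in `;`, and the unlink loop removes `$file_hash` on every iteration while `if(!$file_hash[$i] != "")` negates a single character instead of testing `$hash_ar[$i]`. The intent — keep the stored blob while another row still references the same hash — is one count query, so the rewrite below replaces the three loops and binds the values instead of concatenating them (assuming `$db` is a SQLite3 instance, which the `fetchArray(SQLITE3_NUM)` calls suggest). Counting any other row rather than only rows with a different owner also keeps the blob when the same user uploaded the content twice. delete_file continues past the end of this hunk.
```php
    $file_hash = $check_if_file_ar[1];
    // Blobs are shared by content hash: remove the file only when no other row still points at it.
    $other_ref_st = $db->prepare("SELECT COUNT(*) FROM files WHERE folder='FILE' AND hash=:hash AND id<>:id;");
    $other_ref_st->bindValue(':hash', $file_hash, SQLITE3_TEXT);
    $other_ref_st->bindValue(':id', $file_id);
    $other_ref_ar = $other_ref_st->execute()->fetchArray(SQLITE3_NUM);
    if($other_ref_ar[0] == 0 && !unlink($uploaddir.$file_hash.".gz")){
        return DELETE_FILE_UNLINK;
    }
    // … unchanged: DELETE transaction and return codes …
```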
@@ -30,15 +75,70 @@ function delete_file($user, $path){
}
}
-function delete_user($user){
+function delete_folder($user, $path){
+
+ if(!$_SESSION["login"]){
+ return DELETE_FOLDER_LOGIN;
+ }
+
+ $db = $GLOBALS["db"];
+
+ $folder_id = select_file_id($db, $user, $path);
+
+ $folder_owner_db = $db->query("SELECT owner FROM files WHERE id=".$folder_id:";");
+ $folder_owner_ar = $db->fetchArray(SQLITE3_NUM);
+
+ if($folder_owner_ar[0] != $_SESSION["userid"]){
+ return DELETE_FOLDER_NOT_OWNER;
+ }
+
+ $folder_content_db = $db->query("SELECT id FROM files WHERE parent=".$folder_id.";");
+ $folder_content_ar = $folder_content_db->fetchArray(SQLITE3_NUM);
+
+ if(empty($folder_content_ar[0])){
+ return DELETE_FOLDER_NOT_EMPTY;
+ }
+
+ if($db->exec("
+ BEGIN TRANSACTION;
+ DELETE FROM files WHERE id=".$folder_id.";
+ COMMIT;
+ ")){
+ return DELETE_FOLDER_SUCCESS;
+ } else {
+ return DELETE_FOLDER_DATABASE;
+ }
+}
+
+function delete_user($user, $password, $password_verify){
+
+ if(!$_SESSION["login"]){
+ return DELETE_USER_LOGIN;
+ }
+
$db = $GLOBALS["db"];
$uploaddir = "../files/";
$owner = user_id($db, $user);
+ if(($password != $password_verify ) || $password = ""){
+ return DELETE_USER_EMPTY_PASSWORD;
+ }
+
+ $password_hash_db = $db->query("SELECT password FROM user WHERE id=".$owner.";");
+ $password_hash_ar = $password_hash_db->fetchArray(SQLITE3_NUM);
+
+ $admin_password_hash_db = $db->query("SELECT password FROM user WHERE id=1;");
+ $admin_password_hash_ar = $admin_password_hash_db->fetchArray(SQLITE3_NUM);
+
+ if(!password_verify($password, $password_hash_ar[0]) || !password_verify($password, $admin_password_hash_ar[0])){
+ return DELETE_USER_WRONG_PASSWORD;
+ }
+
$hash_array_db = $db->query("SELECT hash FROM files WHERE folder='FILE' AND owner=".$owner.";");
$count = 0;
+
while($row1 = $hash_array_db->fetchArray(SQLITE3_NUM)){
$hash_ar[$count] = $row1[0];
$count++;
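Review bot: delete_folder as committed does not parse and, once it did, would delete populated folders: `$folder_id:";"` uses a colon where a dot belongs, `$db->fetchArray(SQLITE3_NUM)` calls fetchArray on the connection rather than on `$folder_owner_db`, and `if(empty($folder_content_ar[0]))` is inverted — no row means the folder has no children, so DELETE_FOLDER_NOT_EMPTY fires for empty folders and the DELETE proceeds for non-empty ones, orphaning their rows. In delete_user, `|| $password = ""` assigns instead of comparing, so two matching inputs blank the password before it is verified (`$password === ""` was presumably intended), and `!password_verify(...) || !password_verify(...)` rejects unless the password matches both the user's hash and the id-1 hash, where `&&` reads as the intent; nothing ties `$owner` to `$_SESSION["userid"]` either, so — as far as this hunk shows, user_id is not visible — the only thing preventing a logged-in user from deleting another account is knowing that account's or user 1's password. Both functions still concatenate ids into SQL; the rewrite below binds them and also refuses when the owner lookup returns no row. Nothing here confirms that the row select_file_id returns is a folder, so a guard on the `folder` column before the DELETE is worth adding once its folder value is known. delete_user continues past the end of this hunk.
```php
    $folder_id = select_file_id($db, $user, $path);

    $folder_owner_st = $db->prepare("SELECT owner, folder FROM files WHERE id=:id;");
    $folder_owner_st->bindValue(':id', $folder_id);
    $folder_owner_ar = $folder_owner_st->execute()->fetchArray(SQLITE3_NUM);

    if($folder_owner_ar === false || (int)$folder_owner_ar[0] !== (int)$_SESSION["userid"]){
        return DELETE_FOLDER_NOT_OWNER;
    }
    // NOTE(review): the `folder` column value that marks a folder row is not visible here; reject non-folder rows once it is known.

    $folder_content_st = $db->prepare("SELECT id FROM files WHERE parent=:id;");
    $folder_content_st->bindValue(':id', $folder_id);
    $folder_content_ar = $folder_content_st->execute()->fetchArray(SQLITE3_NUM);

    // Any child row means the folder is not empty: refuse instead of orphaning the children.
    if($folder_content_ar !== false){
        return DELETE_FOLDER_NOT_EMPTY;
    }
    // … unchanged: DELETE transaction and return codes …
```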
@@ -47,7 +147,7 @@ function delete_user($user){
$count = 0;
for($i=0; $i<count($hash_ar); $i++){
- $file_id_owner_db = $db->query("SELECT id, owner FROM files WHERE folder='FILE' AND hash=".$hash_ar[$i].";");
+ $file_id_owner_db = $db->query("SELECT id, owner FROM files WHERE folder='FILE' AND hash='".$hash_ar[$i]."';");
while($row2 = $file_id_owner->fetchArray(SQLITE3_NUM)){
if($row2[1] != $_SESSION["userid"]){
$saved_files[$count] = $hash_ar[$i];
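Review bot: Quoting the hash fixes the immediate SQL error, but the value is still spliced into the statement and the fix holds only as long as stored hashes never contain a quote; a prepared statement makes that independent of the data, e.g. `$st = $db->prepare("SELECT id, owner FROM files WHERE folder='FILE' AND hash=:hash;"); $st->bindValue(':hash', $hash_ar[$i], SQLITE3_TEXT); $file_id_owner_db = $st->execute();`. delete_user continues on both sides of this hunk.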
@@ -57,7 +157,7 @@ function delete_user($user){
}
for($i=0; $i<count($saved_files); $i++){
- $cur = $saved_files[$i]:
+ $cur = $saved_files[$i];
for($j=0;$j<count($hash_ar); $j++){
if($cur == $hash_ar[$j]){
$hash_ar[$j] = "";
@@ -67,7 +167,9 @@ function delete_user($user){
for($i=0; $<count($hash_ar); $i++){
if(!unlink($uploaddir.$hash_ar[$i].".gz")){
- return DELETE_USER_FILE_DELETE;
+ if($hash_ar[$i] != ""){
+ return DELETE_USER_FILE_DELETE;
+ }
}
}
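Review bot: The new guard tests `$hash_ar[$i] != ""` only after `unlink("../files/.gz")` has already been attempted for every blanked entry, so each shared hash still produces a failing unlink call and its warning before being ignored; skipping first is cleaner: `if($hash_ar[$i] == ""){ continue; }` followed by the original `if(!unlink($uploaddir.$hash_ar[$i].".gz")){ return DELETE_USER_FILE_DELETE; }`. delete_user continues past the end of this hunk.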
diff --git a/www/include.php b/www/include.php
index 98c6b8e..8bd840b 100755
--- a/www/include.php
+++ b/www/include.php
@@ -15,8 +15,8 @@ require_once($func_dir . "func_user.php"); // gets the userid and account speci
require_once($func_dir . "func_content.php"); // get the vfs content
require_once($func_dir . "func_password.php"); // changes the user password
require_once($func_dir . "func_folder.php"); // creates a new folder
-require_once($func_dir . "func_delete.php"); // deletes files, folder and user
-require_once($func_dir . "func_download.php"); // handles the file download
+//require_once($func_dir . "func_delete.php"); // deletes files, folder and user
+//require_once($func_dir . "func_download.php"); // handles the file download
require_once("login.php"); // prints the login page
require_once("register.php"); // prints the register page
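Review bot: Commenting out the two require_once lines leaves dead code in the include list and silently disables both file deletion and download, while the commit message only mentions adding delete_folder and security fixes; if the motivation is that func_delete.php no longer parses (its new `$<count(...)` loop), the fix belongs in that file, and func_download.php has no stated reason to be dropped at all. If the lines are meant to stay out, delete them rather than leave them commented, and record why in the commit message.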