diff options
| author | Horus3 | 2014-02-17 22:14:41 +0100 |
|---|---|---|
| committer | Horus3 | 2014-02-17 22:14:41 +0100 |
| commit | cfec6f3f7711cc4a9551dedc0455e6fabf07ae48 (patch) | |
| tree | 8f1c6df0463d8379897ae5d59a5e9e95ee29dc92 | |
| parent | dee922a5de5108174e747dde547e366a6e3381ef (diff) | |
| download | files.iamfabulous.de-cfec6f3f7711cc4a9551dedc0455e6fabf07ae48.tar.gz | |
added GET
| -rw-r--r-- | www/createfolder.php | 105 |
1 files changed, 59 insertions, 46 deletions
diff --git a/www/createfolder.php b/www/createfolder.php index ae54329..cfcf4b2 100644 --- a/www/createfolder.php +++ b/www/createfolder.php @@ -7,61 +7,74 @@ if(!$_SESSION["login"]){ exit; } -function database_error(){ - echo "Database error!" - exit; -} +if($_SERVER['REQUEST_METHOD'] == 'POST'){ -$folder=$_POST["folder"]; -$name = $_SESSION["username"]; -$public = SQLite3::escapeString("$_POST[public]"); -$pwd = SQLite3::escapeString("$_POST[pdw]"); -$type = SQLite3::escapeString("$_POST[typ]"); + function database_error(){ + echo "Database error!" + exit; + } -if(preg_match("/^//", $folder)){ - $absolutpath = true; -} else { - $absolutpath = false; -} + $folder=$_POST["folder"]; + $name = $_SESSION["username"]; + $public = SQLite3::escapeString("$_POST[public]"); + $pwd = SQLite3::escapeString("$_POST[pdw]"); + $type = SQLite3::escapeString("$_POST[type]"); -$folder_array_unsafe = explode("/",$folder); -$length = count($folder); + if(preg_match("/^//", $folder)){ + $absolutpath = true; + } else { + $absolutpath = false; + } -$db = new SQLite3("../database/sqlite.db"); + $folder_array_unsafe = explode("/",$folder); + $length = count($folder); -$k=1; + $db = new SQLite3("../database/sqlite.db"); -for($i=0; $i++; $i<$length){ - $folder_array[$i]=SQLite3::escapeString("$folder_array_unsafe[$i]"); - if($absolutpath){ + $k=1; - if(db->exec(" - BEGIN TRANSACTION; - INSERT INTO $name (id, folder, name, type, public) VALUES (NULL, $k, $folder_array[$i], '$type', '$public'); - COMMIT; - ")){ - $primary_key_db = $db->query("SELECT id FROM $name WHERE name='$folder_array[$i]"); + for($i=0; $i++; $i<$length){ + $folder_array[$i]=SQLite3::escapeString("$folder_array_unsafe[$i]"); + if($absolutpath){ + if(db->exec(" + BEGIN TRANSACTION; + INSERT INTO $name (id, folder, name, type, public) VALUES (NULL, $k, $folder_array[$i], '$type', '$public'); + COMMIT; + ")){ + $primary_key_db = $db->query("SELECT id FROM $name WHERE name='$folder_array[$i]"); + $primary_key_ar = $primary_key_db->fetchArray(SQLITE3_NUM); + $primary_key = $primary_key_ar[0]; + $k=$primary_key; + } else { + database_error(); + } + } else { + $primary_key_db = $db->query("SELECT id FROM $name WHERE name='$pwd'"); $primary_key_ar = $primary_key_db->fetchArray(SQLITE3_NUM); $primary_key = $primary_key_ar[0]; - $k=$primary_key; - } else { - database_error(); - } - } else { - $primary_key_db = $db->query("SELECT id FROM $name WHERE name='$pwd'"); - $primary_key_ar = $primary_key_db->fetchArray(SQLITE3_NUM); - $primary_key = $primary_key_ar[0]; - if(db->exec(" - BEGIN TRANSACTION; - INSERT INTO $name (id, folder, name, type, public) VALUES (NULL, $primary_key, '$folder_array[$i]', '$type', '$public'); - COMMIT; - ")){ - $pwd='$folder_array[$i]'; - } else { - database_error(); + if(db->exec(" + BEGIN TRANSACTION; + INSERT INTO $name (id, folder, name, type, public) VALUES (NULL, $primary_key, '$folder_array[$i]', '$type', '$public'); + COMMIT; + ")){ + $pwd='$folder_array[$i]'; + } else { + database_error(); + } } + } - -} + echo "END"; +} else { -echo "END"; + echo "Hallo $name + <form method='post' action='/createfolder.php'> + <p> Folder: <input type='text' name='folder'></p> + <p> Public? <input type='text' name='public'></p> + <p> pwd: <input type='text' name='pwd'></p> + <input type='hidden' name='type' value='FOLDER'> + <input type='submit' name='submit' value='invite'> + </form>"; + + echo "END"; +} |