diff options
| author | root | 2014-03-10 15:31:56 +0100 |
|---|---|---|
| committer | root | 2014-03-10 15:31:56 +0100 |
| commit | 833d72001d3df1680913759ff760708766618eb8 (patch) | |
| tree | 33bb53833e39063e523ee76cd54bab305590e5b3 /tmp | |
| parent | 432275ce705b4e418b550eb99c45dd46ca1b3fd3 (diff) | |
| download | files.iamfabulous.de-833d72001d3df1680913759ff760708766618eb8.tar.gz | |
starting to write the interface
Diffstat (limited to 'tmp')
| -rw-r--r-- | tmp/select.php | 68 |
1 files changed, 68 insertions, 0 deletions
diff --git a/tmp/select.php b/tmp/select.php new file mode 100644 index 0000000..ffa12d1 --- /dev/null +++ b/tmp/select.php @@ -0,0 +1,68 @@ +<? + +session_start(); + +if($_SESSION["login"]){ + $share=""; +} else { + $share ="AND share='PUBLIC'"; +} + +$db = new SQLite3("../database/sqlite.db"); + +function failure($reason){ + echo "A 404 error occurred. <br>"; + echo $reason; + exit; +} + +if(!empty($_GET["name"])){ + $user = $_GET["name"]; +} else { + failure("No user input."); +} + +$owner_db = $db->query("SELECT id FROM user WHERE name='" . SQLite3::escapeString($user) . "';"); + +if(empty($owner_db)){ + failure("This user doesn't exist."); +} + +$owner_ar = $owner_db->fetchArray(SQLITE3_NUM); +$owner = $owner_ar[0]; + +$folder_array_unsafe = explode("/",$_GET["folder"]); +$length = count($folder_array_unsafe); + + +$root_db = $db->query("SELECT id FROM files WHERE parent=0 AND owner=" . $owner . " AND folder='DIRECTORY' " . $share . ";"); +if(empty($root_db)){ + failure("There is something seriously wrong. If you are a human you should never read this. Mail the admin please."); +} +$root_ar = $root_db->fetchArray(SQLITE3_NUM); +$root_id = $root_ar[0]; +$parentdir = SQLite3::escapeString($root_id); +$temp_id = $root_id; + + +for($i=0; $i<$length; $i++){ + + if(!empty($folder_array_unsafe[$i])){ + $parentdir_db = $db->query("SELECT id, parent FROM files WHERE owner=" . $owner . " AND folder='DIRECTORY' " . $share . " AND parent=" . $parentdir . " AND name='" . SQLite3::escapeString($folder_array_unsafe[$i]) . "';"); + if(empty($parentdir_db)){ + failure("Database error."); + } + $prim_id = $parentdir_db->fetchArray(SQLITE3_NUM); + if($parentdir != $prim_id[1]){ + failure("This folder doesn't exist. Folder: " . $folder_array_unsafe[$i]); + } + + $parentdir = $prim_id[0]; + echo SQLite3::escapeString($folder_array_unsafe[$i]); + + echo "<br>"; + } +} + +$content_db = $db->query("SELECT id, name, folder FROM files WHERE parent=" . $parentdir . " AND owner=" . $owner . ";"); +$content_ar = $conten_db->fetchArray(SQLITE3_NUM); |