Improved the ban system and the download mechanism.

author: Horus3 2014-03-29 20:26:26 +0100
committer: Horus3 2014-03-29 20:26:26 +0100
commit: f471b2130461efa25c62dbe8b015da6219cf3498 (patch)
tree: 1205716f618bee59e9d3a60f2a65c051f8f541e7 /www/functions/func_download.php
parent: ea8083d7162a099a8a2e1a7976ecd1e5278a5558 (diff)
download: files.iamfabulous.de-f471b2130461efa25c62dbe8b015da6219cf3498.tar.gz
1 files changed, 7 insertions, 5 deletions
diff --git a/www/functions/func_download.php b/www/functions/func_download.php
index b62e13f..64c5d90 100644
--- a/www/functions/func_download.php
+++ b/www/functions/func_download.php
@@ -64,16 +64,18 @@ function check_file_hash($db, $file_id, $download_hash){
 		return DOWNLOAD_FALSE_ID;
 	}
 
-	$check_hash_db = $db->query("SELECT folder, share, download_link FROM files WHERE id=" . SQLite3::escapeString($file_id).";");
+	$check_hash_db = $db->query("SELECT owner, folder, share, download_link FROM files WHERE id=" . SQLite3::escapeString($file_id).";");
 	$check_hash_ar = $check_hash_db->fetchArray(SQLITE3_NUM);
 
-	if($check_hash_ar[0] != "FILE"){
+	if($check_hash_ar[1] != "FILE"){
 		return DOWNLOAD_NOT_FILE;
 	}
 
-	if($check_hash_ar[1] != "PUBLIC"){
-		if($check_hash_ar[2] != $download_hash){
-			return DOWNLOAD_PRIVATE_FILE;
+	if($check_hash_ar[2] != "PUBLIC"){
+		if($_SESSION["userid"] != $check_hash_ar[0]){
+			if($check_hash_ar[3] != $download_hash){
+				return DOWNLOAD_PRIVATE_FILE;
+			}
 		}
 	}
author	Horus3	2014-03-29 20:26:26 +0100
committer	Horus3	2014-03-29 20:26:26 +0100
commit	f471b2130461efa25c62dbe8b015da6219cf3498 (patch)
tree	1205716f618bee59e9d3a60f2a65c051f8f541e7 /www/functions/func_download.php
parent	ea8083d7162a099a8a2e1a7976ecd1e5278a5558 (diff)
download	files.iamfabulous.de-f471b2130461efa25c62dbe8b015da6219cf3498.tar.gz