| author | moehm | 2014-03-27 19:21:11 +0100 |
|---|---|---|
| committer | moehm | 2014-03-27 19:21:11 +0100 |
| commit | 2310c2e3cb4cf9b724ef065fcb8543a60d0ff280 (patch) | |
| tree | f0a661de715a080093d021d038d29b8630dc21cd /www/functions | |
| parent | cb74ce9e9702677225102fc06b5adda8ce692cdc (diff) | |
| download | files.iamfabulous.de-2310c2e3cb4cf9b724ef065fcb8543a60d0ff280.tar.gz | |
Merge incoming. Added new function to generate a download id.
Diffstat (limited to 'www/functions')
| -rw-r--r-- | www/functions/func_download.php | 2 | ||||
| -rw-r--r-- | www/functions/func_folder.php | 86 | ||||
| -rwxr-xr-x | www/functions/func_login.php | 4 | ||||
| -rwxr-xr-x | www/functions/func_upload.php | 2 |
4 files changed, 88 insertions, 6 deletions
diff --git a/www/functions/func_download.php b/www/functions/func_download.php index 2239c71..b62e13f 100644 --- a/www/functions/func_download.php +++ b/www/functions/func_download.php @@ -25,8 +25,6 @@ function check_if_file($db, $name, $folder_path){ //get_404("/", "Protected file"); return false; } - - } function start_file_download($user, $path){ diff --git a/www/functions/func_folder.php b/www/functions/func_folder.php index c511897..ab77a1c 100644 --- a/www/functions/func_folder.php +++ b/www/functions/func_folder.php @@ -32,10 +32,10 @@ function create_folder($path, $new_folder_name, $share){ //TODO: Cut trailing or leading slash //TODO: Maye create two folders instead of returning an error? if(preg_match("/\//", $new_folder_name)){ - return MKDIR_SLASH_IN_FOLDER_NAME; + return SLASH_IN_FOLDER_NAME; } - $dupl_db = $db->query("SELECT parent FROM files WHERE name='" . SQLite3::escapeString($new_folder_name) . "';"); + $dupl_db = $db->query("SELECT parent FROM files WHERE name='" . SQLite3::escapeString($new_folder_name) . "' AND owner=".$_SESSION["userid"].";"); while($dupl_ar = $dupl_db->fetchArray(SQLITE3_NUM)){ if($dupl_ar[0] == $file_id){ return MKDIR_DUPLICATE; @@ -50,6 +50,11 @@ function create_folder($path, $new_folder_name, $share){ } function move_folder($old_path, $new_path){ + + if(!$_SESSION["login"]){ + return NOT_LOGED_IN; + } + $db = $GLOBALS["db"]; $old_file_id = select_file_id($db, $_SESSION["userid"], $old_path); $new_file_id = select_file_id($db, $_SESSION["userid"], $new_path); @@ -69,8 +74,7 @@ function move_folder($old_path, $new_path){ $new_folder_owner_ar = $new_folder_owner_db->fetchArray(SQLITE3_NUM); if($_SESSION["userid"] != $new_folder_owner_ar[0]){ - return MV_NEW_FOLDER_NOT_OWNER; - } + return MV_NEW_FOLDER_NOT_OWNER; } if($db->exec(" BEGIN TRANSACTION; 
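Review bot: The new `AND owner=".$_SESSION["userid"].";"` clause in create_folder splices the session value into the SQL text without a cast or binding, while the name next to it is escaped. If `userid` is ever unset or non-numeric the statement becomes malformed, `query()` returns false and the following `fetchArray()` call fails. Casting the value, `AND owner=".(int)$_SESSION["userid"].";"`, or binding it through `SQLite3::prepare()` keeps the duplicate check well-formed. create_folder starts and ends outside this hunk, so a login guard may already run before this line.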
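Review bot: The guard added at the top of move_folder reads `$_SESSION["login"]` directly, which raises an undefined-index notice when the key was never set for an unauthenticated visitor; `if(empty($_SESSION["login"])){` expresses the same test without it. The identical guard is pasted into rename_folder and generate_download_link in the later func_folder.php hunk, so a small shared helper would keep the three in step. move_folder's body continues past the end of this hunk.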
@@ -82,3 +86,77 @@ function move_folder($old_path, $new_path){ return MV_FOLDER_DATABASE; } } + +function rename_folder($path, $new_name){ + if(!$_SESSION["login"]){ + return NOT_LOGED_IN; + } + + $db = $GLOBALS["db"]; + + $file_id = select_file_id($db, $_SESSION["username"], $path); + + $folder_owner_db = $db->query("SELECT owner FROM fiiles where id=".$file_id.";"); + $folder_owner_ar = $folder_owner_db->fetchArray(SQLITE3_NUM); + + if($folder_owner_ar[0] != $_SESSION["userid"]){ + return FOLDER_NOT_OWNER; + } + + if(preg_match("/\//", $new_name)){ + return SLASH_IN_FOLDER_NAME; + } + + $dupl_db = $db->query("SELECT parent FROM files WHERE name='" . SQLite3::escapeString($new_name) . "' AND owner=".$_SESSION["userid"].";"); + while($dupl_ar = $dupl_db->fetchArray(SQLITE3_NUM)){ + if($dupl_ar[0] == $file_id){ + return MKDIR_DUPLICATE; + } + } + + if($db->exec(" + BEGIN TRANSACTION; + UPDATE files SET name='".SQLite3::escapeString($new_name)."' WHERE id=".$file_id."; + COMMIT; + ")){ + return true; + } else { + return DATABASE; + } +} + +function generate_download_link($file_id){ + + if(!$_SESSION["login"]){ + return NOT_LOGED_IN; + } + + $db = $GLOBALS["db"]; + + $folder_owner_db = $db->query("SELECT owner FROM fiiles where id=".$file_id.";"); + $folder_owner_ar = $folder_owner_db->fetchArray(SQLITE3_NUM); + + if($folder_owner_ar[0] != $_SESSION["userid"]){ + return FOLDER_NOT_OWNER; + } + + $key_array = array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "_", "-", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9" ); + + $length = count($key_array); + $key = ""; + + for ($i=0;$i<21;$i++){ + $index = mt_rand(0,$length-1); + $key = $key.$key_array[$index]; + } + + if($db->exec(" + BEGIN TRANSACTION; + UPDATE files SET download_link='".$key."' WHERE 
id=".$file_id."; + COMMIT; + ")){ + return key; + } else { + return DATABASE; + } +} diff --git a/www/functions/func_login.php b/www/functions/func_login.php index 9deb27b..e5b7aab 100755 --- a/www/functions/func_login.php +++ b/www/functions/func_login.php @@ -50,3 +50,7 @@ function logout(){ return LOGOUT_FAILURE; } } + +function brutforce_protection(){ + $_SESSION["login_attempts"] = $_SESSION["login_attempts"] + 1; +} diff --git a/www/functions/func_upload.php b/www/functions/func_upload.php index 8059191..eb3061b 100755 --- a/www/functions/func_upload.php +++ b/www/functions/func_upload.php @@ -29,6 +29,8 @@ function database_upload($db, $parentdir, $owner, $filename, $folder, $mime, $si function upload($db){ + set_time_limit(0); + if(!$_SESSION["login"]){ return UPLOAD_LOGIN; } |
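Review bot: In generate_download_link the 21-character key is drawn with `mt_rand()`, which is not a cryptographic generator, so if the stored `download_link` is what authorises a download the key should come from a CSPRNG such as `random_int()` (or `openssl_random_pseudo_bytes()` on runtimes without it). The same function ends with `return key;`, a bare constant rather than `$key`, so callers never receive the generated value. Both rename_folder and generate_download_link query `fiiles`, apparently a typo for `files`; the query would then fail and `fetchArray()` would be called on `false`, and `$file_id` is concatenated into the SQL unbound. In rename_folder, `select_file_id()` is passed `$_SESSION["username"]` where move_folder passes `$_SESSION["userid"]`, and the duplicate check compares each match's parent with `$file_id` (the folder being renamed) rather than with that folder's parent; both look like copy-paste slips worth confirming. The fence sketches generate_download_link with bound parameters and a CSPRNG.

```php
function generate_download_link($file_id){
    // … unchanged: login guard, $db = $GLOBALS["db"] …

    // Bind the id instead of concatenating it, and query the table the other statements use.
    $owner_stmt = $db->prepare("SELECT owner FROM files WHERE id = :id");
    $owner_stmt->bindValue(":id", $file_id, SQLITE3_INTEGER);
    $owner_res = $owner_stmt->execute();
    $owner_row = $owner_res ? $owner_res->fetchArray(SQLITE3_NUM) : false;

    // A missing row is treated like a foreign one rather than dereferenced.
    if(!$owner_row || $owner_row[0] != $_SESSION["userid"]){
        return FOLDER_NOT_OWNER;
    }

    // … unchanged: $key_array, $length, $key = "" …

    for ($i=0;$i<21;$i++){
        // CSPRNG: the key may be the only secret protecting the download.
        $key .= $key_array[random_int(0, $length-1)];
    }

    $update_stmt = $db->prepare("UPDATE files SET download_link = :key WHERE id = :id");
    $update_stmt->bindValue(":key", $key, SQLITE3_TEXT);
    $update_stmt->bindValue(":id", $file_id, SQLITE3_INTEGER);

    if($update_stmt->execute()){
        return $key;
    } else {
        return DATABASE;
    }
}
```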
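Review bot: brutforce_protection keeps its counter in `$_SESSION["login_attempts"]`, so the count is tied to the session cookie and starts again from zero for any request that arrives without one; a limit meant to slow password guessing is better stored server-side per account or source address. Nothing in this hunk compares the counter with a threshold, so enforcement presumably lives elsewhere or is still to come. The first call also reads an unset key; `$_SESSION["login_attempts"] = isset($_SESSION["login_attempts"]) ? $_SESSION["login_attempts"] + 1 : 1;` avoids the notice.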
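Review bot: `set_time_limit(0);` is placed ahead of the `$_SESSION["login"]` check in upload, so the execution limit is lifted before the request is known to be authenticated. The unauthenticated path returns on the next statement, so the exposure is small today, but moving the call below the guard keeps that true if code is later added in between. A finite bound sized for the largest expected upload, rather than `0`, would also cap how long one request can hold a worker. upload's body continues outside this hunk.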
