diff options
| author | Horus3 | 2014-02-28 15:09:25 +0100 |
|---|---|---|
| committer | Horus3 | 2014-02-28 15:09:25 +0100 |
| commit | 139f00f5a0f27b919ba62df17db6278cd49b5324 (patch) | |
| tree | 7843804da9a03ec05a3717123cc07fcd31a8bd45 /www | |
| parent | ffe5fc7b12fbb9c13fb1477ae97417fac3f643ca (diff) | |
| download | files.iamfabulous.de-139f00f5a0f27b919ba62df17db6278cd49b5324.tar.gz | |
.
Diffstat (limited to 'www')
| -rw-r--r-- | www/functions.php | 21 | ||||
| -rw-r--r-- | www/index.php | 8 | ||||
| -rw-r--r-- | www/select.php | 16 |
3 files changed, 28 insertions, 17 deletions
diff --git a/www/functions.php b/www/functions.php index 562b393..2f18361 100644 --- a/www/functions.php +++ b/www/functions.php @@ -2,7 +2,7 @@ /* --LOGIN-- */ -function login(){ +function login($db){ if($_SERVER['REQUEST_METHOD'] == 'POST') { /*___Database Query: Login___*/ @@ -11,7 +11,6 @@ function login(){ $username = SQLite3::escapeString("$unsafe_username"); $passwort = SQLite3::escapeString("$unsafe_passwort"); - $db = new SQLite3("../database/sqlite.db"); $salt_db = $db->query("SELECT salt FROM user WHERE name='$username';"); while($salt_array = $salt_db->fetchArray(SQLITE3_NUM)){ foreach($salt_array as $firstelement){ @@ -87,7 +86,7 @@ function logout(){ /* --INVITE-- */ -function invite(){ +function invite($db){ if($_SERVER['REQUEST_METHOD'] == 'POST') { $name=$_SESSION["username"]; $safe_name = SQLite3::escapeString("$name"); @@ -95,8 +94,6 @@ function invite(){ $email=$_POST["email"]; $safe_email=SQLite3::escapeString("$email"); - $db = new SQLite3("../database/sqlite.db"); - $invite_db = $db->query("SELECT invites FROM user WHERE name='$safe_name';"); $invite_ar = $invite_db->fetchArray(SQLITE3_NUM); $invite = $invite_ar[0]; @@ -161,7 +158,7 @@ function invite(){ /* --REGISTER-- */ -function register(){ +function register($db){ if($_SERVER['REQUEST_METHOD'] == 'POST') { session_start(); @@ -181,8 +178,6 @@ function register(){ exit; } - $db = new SQLite3("../database/sqlite.db"); - $safe_name = SQLite3::escapeString("$name"); $safe_email = SQLite3::escapeString("$email"); @@ -248,16 +243,20 @@ function register(){ function get_404(){ echo "Sorry, page not found. <br>"; - select(); +// select(); exit; } -function select(){ - $i = 0; +function select($db){ + + + +/* $i = 0; foreach ($_GET as $name => $value) { //value leer? $args[$i] = $name; echo 'Name: ' . $name . ' Value: ' . $value . '<br />'; $i++; } echo "Presented by func select()!"; +*/ } diff --git a/www/index.php b/www/index.php index eb96364..7105c98 100644 --- a/www/index.php +++ b/www/index.php @@ -4,6 +4,8 @@ session_start(); require_once("functions.php"); +$db = new SQLite3("../database/sqlite.db"); + if(empty($_GET)){ if($_SESSION["login"]){ header("Refresh: 0; /$_SESSION[username]"); @@ -20,16 +22,16 @@ if(empty($_GET)){ if(empty($_GET["name"])){ switch($_GET["task"]){ case("login"): - login(); + login($db); break; case("logout"): logout(); break; case("invite"): - invite(); + invite($db); break; case("register"): - register(); + register($db); break; /* case("download"): //not implemented yet download(); diff --git a/www/select.php b/www/select.php index f0cd143..2fc6de1 100644 --- a/www/select.php +++ b/www/select.php @@ -1,10 +1,20 @@ <? -//session_start(); +session_start(); $db = new SQLite3("../database/sqlite.db"); -$owner=2; -$parentdir=0; + +$owner_db = $db->query("SELECT id FROM user WHERE name='" . SQLite3::escapeString($_SESSION[username]) . "';"); +$owner_ar = $owner_db->fetchArray(SQLITE3_NUM); +$owner = $owner_ar[0]; + +if(empty($_GET["folder"])){ + $parentdir=0; +} else { + $folder_array_unsafe = explode("/",$_GET["folder"]); + $length = count($folder_array_unsafe); +} + $count=0; $result_db = $db->query("SELECT id, parent, name, share FROM files WHERE parent=$parentdir AND owner=$owner AND folder='DIRECTORY' AND share='PUBLIC';"); |