Error handling in class_file and more methods.

2 files changed, 118 insertions, 17 deletions

diff --git a/www/functions/class_files.php b/www/functions/class_files.php
index 0cf066c..10182a9 100644
--- a/www/functions/class_files.php
+++ b/www/functions/class_files.php
@@ -33,41 +33,142 @@ class file {
 		}
 	}
 	function initFile($val){
+		if(!$val){
+			return false;
+		}
 		$this->file=$val;
 	}
 	function getDim(){
 		return count($this->file);
 	}
-	function getParent($val){
+	function getId($val = null){
 		$ar = $this->file;
-		return $ar[$val][1];
+		if($val != null){
+			if(!preg_match("/^[0-9]+$/", $val)){
+				return false;
+			}
+			return $ar[$val][0];
+		} else {
+			$res;
+			for($i=0; $i<count($ar); $i++){
+				$res[$i] = $ar[$i][0];
+			}
+			return $res;
+		}
 	}
-	function getOwner($val){
+	function getParent($val = null){
 		$ar = $this->file;
-		return $ar[$val][2];
+		if($val != null){
+			if(!preg_match("/^[0-9]+$/", $val)){
+				return false;
+			}
+			return $ar[$val][1];
+		} else {
+			$res;
+			for($i=0; $i<count($ar); $i++){
+				$res[$i] = $ar[$i][1];
+			}
+			return $res;
+		}
 	}
-	function getName($val){
+	function getOwnerId(){
+		$id = user_id($GLOBALS["db"], $_GET["name"]);
+		return $id;
+	}
+	function getOwnerName(){
+		return $_GET["name"];
+	}
+	function getName($val = null){
 		$ar = $this->file;
-		return $ar[$val][3];
+		if($val != null){
+			if(!preg_match("/^[0-9]+$/", $val)){
+				return false;
+			}
+			return $ar[$val][3];
+		} else {
+			$res;
+			for($i=0; $i<count($ar); $i++){
+				$res[$i] = $ar[$i][3];
+			}
+			return $res;
+		}
 	}
-	function getFolder($val){
+	function getType($val = null){
 		$ar = $this->file;
-		return $ar[$val][4];
+		if($val != null){
+			if(!preg_match("/^[0-9]+$/", $val)){
+				return false;
+			}
+			return $ar[$val][4];
+		} else {
+			$res;
+			for($i=0; $i<count($ar); $i++){
+				$res[$i] = $ar[$i][4];
+			}
+			return $res;
+		}
 	}
-	function getMime($val){
+	function getMime($val = null){
 		$ar = $this->file;
-		return $ar[$val][5];
+		if($val != null){
+			if(!preg_match("/^[0-9]+$/", $val)){
+				return false;
+			}
+			return $ar[$val][5];
+		} else {
+			$res;
+			for($i=0; $i<count($ar); $i++){
+				$res[$i] = $ar[$i][5];
+			}
+			return $res;
+		}
 	}
-	function getSize($val){
+	function getSize($val = null){
 		$ar = $this->file;
-		return $ar[$val][6];
+		if($val != null){
+			if(!preg_match("/^[0-9]+$/", $val)){
+				return false;
+			}
+			return $ar[$val][6];
+		} else {
+			$res;
+			for($i=0; $i<count($ar); $i++){
+				$res[$i] = $ar[$i][6];
+			}
+			return $res;
+		}
 	}
-	function getHash($val){
+	function getHash($val = null){
 		$ar = $this->file;
-		return $ar[$val][7];
+		if($val != null){
+			if(!preg_match("/^[0-9]+$/", $val)){
+				return false;
+			}
+			return $ar[$val][7];
+		} else {
+			$res;
+			for($i=0; $i<count($ar); $i++){
+				$res[$i] = $ar[$i][7];
+			}
+			return $res;
+		}
 	}
-	function getDownLink($val){
+	function getDownLink($val = null){
 		$ar = $this->file;
-		return $ar[$val][8];
+		if($val != null){
+			if(!preg_match("/^[0-9]+$/", $val)){
+				return false;
+			}
+			return $ar[$val][8];
+		} else {
+			$res;
+			for($i=0; $i<count($ar); $i++){
+				$res[$i] = $ar[$i][8];
+			}
+			return $res;
+		}
+	}
+	function getAll(){
+		return $this->file;
 	}
 }
diff --git a/www/functions/func_select.php b/www/functions/func_select.php
index 9f10cd6..a6f776d 100755
--- a/www/functions/func_select.php
+++ b/www/functions/func_select.php
@@ -1,7 +1,7 @@
 <?php
 function select_file_id($db, $owner, $folder_path){
 
-	if($_SESSION["login"] && $_SESSION["userid"] == $owner){ 	// TODO: Check if loged in user really the user who does the query - fix 12.3.14
+	if($_SESSION["login"] && $_SESSION["userid"] == $owner){
 		$share="";						// to print all files, even hidden ones
 	} else {
 		$share =" AND share='PUBLIC'";				// just use files with the correct permissions