summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--www/constants.php3
-rwxr-xr-xwww/functions/func_select.php2
-rwxr-xr-xwww/functions/func_upload.php25
3 files changed, 6 insertions, 24 deletions
diff --git a/www/constants.php b/www/constants.php
index 3fcd67b..804743d 100644
--- a/www/constants.php
+++ b/www/constants.php
@@ -40,12 +40,11 @@ define("UPLOAD_SUCCESS", 29);
define("UPLOAD_DATABASE", 30);
define("UPLOAD_LOGIN", 31);
define("UPLOAD_UPLOAD", 32);
-define("UPLOAD_PARENTFOLDER", 33); // cur. tested if integer. Later should be if owner and uploader the same person
+define("UPLOAD_FOLDER_NOT_OWNER", 33);
define("UPLOAD_QUOTA", 34);
define("UPLOAD_FILE_HANDLING", 35);
define("UPLOAD_MOVING", 36);
define("UPLOAD_DUPLICATE", 37);
-define("UPLOAD_FOLDER_NOT_OWNER", 67);
define("MKDIR_SLASH_IN_FOLDER_NAME", 38); //check TODO
diff --git a/www/functions/func_select.php b/www/functions/func_select.php
index ae76121..9f10cd6 100755
--- a/www/functions/func_select.php
+++ b/www/functions/func_select.php
@@ -32,7 +32,7 @@ function select_file_id($db, $owner, $folder_path){
for($i=0; $i<$length; $i++){
- $parentdir_db = $db->query("SELECT id, parent FROM files WHERE owner=" . $owner . $share . " AND parent=" . $parentdir . " AND name='" . SQLite3::escapeString($folder_array_unsafe[$i]) . "';");
+ $parentdir_db = $db->query("SELECT id, parent FROM files WHERE owner=" . $owner . $share . " AND parent=" . $parentdir . " AND name='" . SQLite3::escapeString($folder_array_unsafe[$i]) . "' COLLATE NOCASE;");
$prim_id = $parentdir_db->fetchArray(SQLITE3_NUM);
diff --git a/www/functions/func_upload.php b/www/functions/func_upload.php
index 8059191..674b4cd 100755
--- a/www/functions/func_upload.php
+++ b/www/functions/func_upload.php
@@ -1,20 +1,5 @@
<?php
-/* This was tested with this interface, where PWD the primary key from the working directory is:
-
-UPDATE 26.3. : Should now accept the path as an argument.
-
-<!DOCTYPE html>
-<form method='post' action='/upload.php' enctype="multipart/form-data">
-<p>File :<input name="userfile" type="file" size="500000000" maxlength="100000000000000"></p>
-
-<p>PWD: <input type='text' name='path'></p>
-<p>Share: <input type='text' name='share'>
-<p><input type='submit' name='submit' value='upload'></p>
-</form>
-
-*/
-
function database_upload($db, $parentdir, $owner, $filename, $folder, $mime, $size, $share, $filehash){
if($db->exec("
BEGIN TRANSACTION;
@@ -27,7 +12,9 @@ function database_upload($db, $parentdir, $owner, $filename, $folder, $mime, $si
}
}
-function upload($db){
+function upload($path){
+
+ $db = $GLOBALS["db"];
if(!$_SESSION["login"]){
return UPLOAD_LOGIN;
@@ -37,11 +24,7 @@ function upload($db){
return UPLOAD_UPLOAD;
}
- $parentdir = select_file_id($db, $_SESSION["userid"], $_POST["path"]);
- //$parentdir = SQLite3::escapeString("$_POST[pwd]");
- if(!preg_match("/[0-9]+/", $parentdir)){
- return UPLOAD_PARENTFOLDER;
- }
+ $parentdir = select_file_id($db, $_SESSION["userid"], $path);
$folder_owner_db = $db->query("SELECT owner FROM files WHERE id=".$parentdir.";");
$folder_owner_ar = $folder_owner_db->fetchArray(SQLITE3_NUM);