-rwxr-xr-xblob/database_schema4
-rw-r--r--www/constants.php6
-rw-r--r--www/functions/func_delete.php8
-rw-r--r--www/functions/func_download.php4
-rw-r--r--www/functions/func_folder.php48
-rwxr-xr-xwww/functions/func_register.php2
-rwxr-xr-xwww/include.php1
-rwxr-xr-xwww/setup.php9
8 files changed, 65 insertions, 17 deletions
diff --git a/blob/database_schema b/blob/database_schema
index f413e22..eef9aec 100755
--- a/blob/database_schema
+++ b/blob/database_schema
@@ -1,8 +1,8 @@
#Database schema for SQLite3 database, stored in "../database/sqlite.db", based on the "www" directory
-CREATE TABLE IF NOT EXISTS user (id INTEGER PRIMARY KEY, name TEXT UNIQUE, password TEXT, email TEXT UNIQUE, invites INTEGER, senpai INTEGER, key TEXT, status INTEGER, register TEXT);
+CREATE TABLE IF NOT EXISTS user (id INTEGER PRIMARY KEY, name TEXT UNIQUE, password TEXT, email TEXT UNIQUE, invites INTEGER, senpai INTEGER, key TEXT, status INTEGER, register TEXT, color_folder TEXT, color_file TEXT);
-CREATE TABLE IF NOT EXISTS files (id INTEGER PRIMARY KEY, parent INTEGER, owner INTEGER, name TEXT, folder TEXT, mime TEXT, size INTEGER, share TEXT, hash TEXT, FOREIGN KEY(owner) REFERENCES user(id));
+CREATE TABLE IF NOT EXISTS files (id INTEGER PRIMARY KEY, parent INTEGER, owner INTEGER, name TEXT, folder TEXT, mime TEXT, size INTEGER, share TEXT, hash TEXT, download_link TEXT, FOREIGN KEY(owner) REFERENCES user(id));
CREATE TABLE IF NOT EXISTS log (id INTEGER PRIMARY KEY, user INTEGER, login TEXT, FOREIGN KEY(user) REFERENCES user(id));
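Review bot: The new columns only reach fresh installs, because `CREATE TABLE IF NOT EXISTS` is a no-op when `user` and `files` already exist. On an upgraded database the `SELECT folder, share, download_link` in func_download.php would then fail, and the download check with it. An upgrade step such as `ALTER TABLE files ADD COLUMN download_link TEXT;` (and the same for `color_folder` and `color_file` on `user`) should ship with the schema change. The same applies to the CREATE statements in www/setup.php.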
diff --git a/www/constants.php b/www/constants.php
index 15db956..e98111e 100644
--- a/www/constants.php
+++ b/www/constants.php
@@ -75,3 +75,9 @@ define("EMPTY_FOLDER", 58);
define("DOWNLOAD_FALSE_ID", 59);
define("DOWNLOAD_NOT_FILE", 60);
define("DOWNLOAD_PRIVATE_FILE", 61);
+
+define("MV_OLD_FOLDER_NOT_OWNER", 62);
+define("MV_NEW_FOLDER_NOT_OWNER", 63);
+define("MV_FOLDER_TARGET_NOT_EXIST", 64);
+define("MV_FOLDER_SUCCESS", 65);
+define("MV_FOLDER_DATABASE", 66);
diff --git a/www/functions/func_delete.php b/www/functions/func_delete.php
index 17da1c4..059bc3b 100644
--- a/www/functions/func_delete.php
+++ b/www/functions/func_delete.php
@@ -61,8 +61,8 @@ function delete_file($user, $path){
}
for($i=0; $i<count($hash_ar); $i++){
- if(!unlink($uploaddir.$file_hash.".gz")){
- if(!$file_hash[$i] != ""){
+ if(!$file_hash[$i] != ""){
+ if(!unlink($uploaddir.$file_hash.".gz")){
return DELETE_FILE_UNLINK;
}
}
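Review bot: The reordered guard still does not test what it appears to: in `if(!$file_hash[$i] != "")` the `!` binds before `!=`, so the branch is taken when the entry is empty rather than when it is set, and the `unlink()` below it uses the whole `$file_hash` instead of one element. The loop iterates over `$hash_ar`, so the two lines should probably read `if($hash_ar[$i] != ""){` and `if(!unlink($uploaddir.$hash_ar[$i].".gz")){`, matching the delete_user hunk further down. As written, stored blobs are likely left on disk, or a path other than the intended one is unlinked, while the function carries on. delete_file starts and ends outside this hunk, so where `$file_hash` is assigned cannot be confirmed from here.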
@@ -170,8 +170,8 @@ function delete_user($user, $password, $password_verify){
}
for($i=0; $ii<count($hash_ar); $i++){
- if(!unlink($uploaddir.$hash_ar[$i].".gz")){
- if($hash_ar[$i] != ""){
+ if($hash_ar[$i] != ""){
+ if(!unlink($uploaddir.$hash_ar[$i].".gz")){
return DELETE_USER_FILE_DELETE;
}
}
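Review bot: The loop condition on the context line reads `$ii<count($hash_ar)`, and `$ii` is not defined anywhere in the visible code, so the bound is not tied to `$i`. With a non-empty `$hash_ar` the comparison of an undefined value against the count stays true, so the loop would not terminate on its own once `$i` runs past the array; it should be `for($i=0; $i<count($hash_ar); $i++){`. The commit puts the two `if` lines in the right order but leaves this untouched. delete_user continues outside the hunk.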
diff --git a/www/functions/func_download.php b/www/functions/func_download.php
index e3e36aa..2239c71 100644
--- a/www/functions/func_download.php
+++ b/www/functions/func_download.php
@@ -66,7 +66,7 @@ function check_file_hash($db, $file_id, $download_hash){
return DOWNLOAD_FALSE_ID;
}
- $check_hash_db = $db->query("SELECT folder, share FROM files WHERE id=" . SQLite3::escapeString($file_id).";");
+ $check_hash_db = $db->query("SELECT folder, share, download_link FROM files WHERE id=" . SQLite3::escapeString($file_id).";");
$check_hash_ar = $check_hash_db->fetchArray(SQLITE3_NUM);
if($check_hash_ar[0] != "FILE"){
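Review bot: `SQLite3::escapeString()` does not make `$file_id` safe here, because the value is placed in the query without surrounding quotes and the function only escapes quote characters. Unless the check that returns `DOWNLOAD_FALSE_ID` above (its condition is outside this hunk) already enforces a strict integer, bind the value instead: `$stmt = $db->prepare("SELECT folder, share, download_link FROM files WHERE id=:id");`, then `$stmt->bindValue(":id", $file_id, SQLITE3_INTEGER);` and `$check_hash_db = $stmt->execute();`. The query result is also used without a check for `false`, so a failed query becomes a fatal error on `fetchArray()`.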
@@ -74,7 +74,7 @@ function check_file_hash($db, $file_id, $download_hash){
}
if($check_hash_ar[1] != "PUBLIC"){
- if($check_hash_ar[0] != $download_hash){
+ if($check_hash_ar[2] != $download_hash){
return DOWNLOAD_PRIVATE_FILE;
}
}
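Review bot: The token check `$check_hash_ar[2] != $download_hash` is a loose comparison against a column that nothing in this commit populates, so file rows will hold NULL (or `''`) in `download_link` until a link is written by code not shown here. A request whose `$download_hash` is empty or missing would then compare equal and pass the private-file check. Reject empty stored tokens and compare in constant time, for example `if(!is_string($check_hash_ar[2]) || $check_hash_ar[2] === "" || !hash_equals($check_hash_ar[2], (string)$download_hash)){`. How `$download_hash` is obtained is outside the hunk.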
diff --git a/www/functions/func_folder.php b/www/functions/func_folder.php
index cd60852..c511897 100644
--- a/www/functions/func_folder.php
+++ b/www/functions/func_folder.php
@@ -1,5 +1,17 @@
<?php
+function database_mkdir($file_id, $new_folder_name, $share){
+ if($db->exec("
+ BEGIN TRANSACTION;
+ INSERT INTO files (id, parent, owner, name, folder, size, share, hash) VALUES (Null, " . $file_id . ", " . $_SESSION['userid'] . ", '" . SQLite3::escapeString($new_folder_name) . "', 'DIRECTORY', 0, '" . SQLite3::escapeString($share) . "', '');
+ COMMIT;
+ ")){
+ return true;
+ } else {
+ return false;
+ }
+}
+
function create_folder($path, $new_folder_name, $share){
$db = $GLOBALS["db"];
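Review bot: `database_mkdir()` calls `$db->exec()`, but `$db` is neither a parameter nor fetched from `$GLOBALS`, so it is undefined inside the function and the call fails before any row is written. Add `$db = $GLOBALS["db"];` as the first line, as create_folder does, or pass the handle in as an argument. `$file_id` and `$_SESSION['userid']` also go into the statement unquoted and unescaped; casting them with `(int)` or binding them keeps the INSERT safe even if a caller passes something other than an id. create_folder's body continues outside this hunk.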
@@ -29,14 +41,44 @@ function create_folder($path, $new_folder_name, $share){
return MKDIR_DUPLICATE;
}
}
+
+ if(database_mkdir($file_id, $new_folder_name, $share)){
+ return MKDIR_SUCCESS;
+ } else {
+ return MKDIR_DATABASE;
+ }
+}
+
+function move_folder($old_path, $new_path){
+ $db = $GLOBALS["db"];
+ $old_file_id = select_file_id($db, $_SESSION["userid"], $old_path);
+ $new_file_id = select_file_id($db, $_SESSION["userid"], $new_path);
+
+ $old_folder_owner_db = $db->query("SELECT owner FROM files WHERE id=".$old_file_id.";");
+ $old_folder_owner_ar = $old_folder_owner_db->fetchArray(SQLITE3_NUM);
+
+ if($_SESSION["userid"] != $old_folder_owner_ar[0]){
+ return MV_OLD_FOLDER_NOT_OWNER;
+ }
+
+ if(!$new_file_id){
+ return MV_FOLDER_TARGET_NOT_EXIST;
+ }
+
+ $new_folder_owner_db = $db->query("SELECT owner FROM files WHERE id=".$new_file_id.";");
+ $new_folder_owner_ar = $new_folder_owner_db->fetchArray(SQLITE3_NUM);
+
+ if($_SESSION["userid"] != $new_folder_owner_ar[0]){
+ return MV_NEW_FOLDER_NOT_OWNER;
+ }
if($db->exec("
BEGIN TRANSACTION;
- INSERT INTO files (id, parent, owner, name, folder, size, share, hash) VALUES (Null, " . $file_id . ", " . $_SESSION['userid'] . ", '" . SQLite3::escapeString($new_folder_name) . "', 'DIRECTORY', 0, '" . SQLite3::escapeString($share) . "', '');
+ UPDATE files SET parent=".$new_file_id." WHERE id=".$old_file_id.";
COMMIT;
")){
- return MKDIR_SUCCESS;
+ return MV_FOLDER_SUCCESS;
} else {
- return MKDIR_DATABASE;
+ return MV_FOLDER_DATABASE;
}
}
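Review bot: `move_folder()` checks `$new_file_id` for emptiness but not `$old_file_id`, so an unknown source path produces `... WHERE id=;` and a failed `query()` whose result is then dereferenced. The function also never checks that the target row is a directory, or that the target is not the source itself or one of its descendants, so a move can attach a folder beneath a file or detach a subtree into a cycle that no path from the root reaches. The sketch below adds those checks and reuses the existing return codes, since this commit defines no dedicated constants for them; the parent walk assumes the root folder has `parent` 0, as the inserts in func_register.php and setup.php suggest.

```php
function move_folder($old_path, $new_path){
	// … unchanged: $db lookup and the two select_file_id() calls …

	// a missing source must not reach the query string
	if(!$old_file_id){
		return MV_OLD_FOLDER_NOT_OWNER;
	}

	// … unchanged: owner check for the source, existence check for the target …

	$new_folder_db = $db->query("SELECT owner, folder FROM files WHERE id=".(int)$new_file_id.";");
	$new_folder_ar = $new_folder_db ? $new_folder_db->fetchArray(SQLITE3_NUM) : false;

	if(!$new_folder_ar || $_SESSION["userid"] != $new_folder_ar[0]){
		return MV_NEW_FOLDER_NOT_OWNER;
	}
	if($new_folder_ar[1] != "DIRECTORY"){
		return MV_FOLDER_TARGET_NOT_EXIST;
	}

	// walk from the target up to the root; the source must not be on that path
	$seen = array();
	for($cursor = (int)$new_file_id; $cursor != 0 && !isset($seen[$cursor]); ){
		if($cursor == (int)$old_file_id){
			return MV_FOLDER_TARGET_NOT_EXIST;
		}
		$seen[$cursor] = true;
		$cursor = (int)$db->querySingle("SELECT parent FROM files WHERE id=".$cursor.";");
	}

	// … unchanged: UPDATE inside the transaction and the return codes …
```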
diff --git a/www/functions/func_register.php b/www/functions/func_register.php
index b87d81f..90cbd7d 100755
--- a/www/functions/func_register.php
+++ b/www/functions/func_register.php
@@ -59,7 +59,7 @@ function register($db){
if($db->exec("
BEGIN TRANSACTION;
- UPDATE user SET name='" . $safe_name . "', password='" . $hash_password . "', invites=5, status=1, register=(SELECT datetime()) WHERE id=" . $id . ";
+ UPDATE user SET name='" . $safe_name . "', password='" . $hash_password . "', invites=5, status=1, register=(SELECT datetime()), color_folder='DEFAULT', color_file='DEFAULT' WHERE id=" . $id . ";
INSERT INTO files (id, parent, owner, name, folder, mime, size, share, size, hash) VALUES (NULL, 0, $id, '/', 'DIRECTORY', NULL, NULL, 'PUBLIC', 0, '');
INSERT INTO log (id, user, login) VALUES (NULL, (SELECT id FROM user WHERE name='" . $safe_name. "'), (SELECT datetime()));
COMMIT;")
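Review bot: The `INSERT INTO files` statement in the same transaction names `size` twice in its column list, once with NULL and once with 0, and it does not set the new `download_link` column. Whether the statement is accepted, and which of the two values ends up stored, depends on how the engine resolves the duplicate and should not be relied on; listing each column once, `(id, parent, owner, name, folder, mime, size, share, hash)` with a single `0` for size, removes the ambiguity. `$id` is also interpolated unquoted in both statements; its origin is outside the hunk, so an `(int)` cast or a bound parameter is worth adding unless it is already a validated integer.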
diff --git a/www/include.php b/www/include.php
index aa90993..69e6227 100755
--- a/www/include.php
+++ b/www/include.php
@@ -30,4 +30,3 @@ require_once($func_dir . "func_upload.php"); // handles the file upload
require_once("login.php"); // prints the login page
require_once("register.php"); // prints the register page
require_once("browse.php"); // prints the file browser page
-
diff --git a/www/setup.php b/www/setup.php
index a841ad4..93551aa 100755
--- a/www/setup.php
+++ b/www/setup.php
@@ -52,10 +52,10 @@ if($bool){
if($db->exec("
BEGIN TRANSACTION;
- CREATE TABLE IF NOT EXISTS user (id INTEGER PRIMARY KEY, name TEXT UNIQUE, password TEXT, email TEXT UNIQUE, invites INTEGER, senpai INTEGER, key TEXT, status INTEGER, register TEXT);
- INSERT INTO user (id, name, senpai, key, status, invites, password, email, register) VALUES (NULL, 'admin', 0, '11111', 1, 5, '" . $hash_password . "', '" . $email . "', (SELECT datetime()) );
- CREATE TABLE IF NOT EXISTS files (id INTEGER PRIMARY KEY, parent INTEGER, owner INTEGER, name TEXT, folder TEXT, mime TEXT, size INTEGER, share TEXT, hash TEXT, FOREIGN KEY(owner) REFERENCES user(id));
- INSERT INTO files (id, parent, owner, name, folder, size, share, hash) VALUES (NULL, 0, 1, '/', 'DIRECTORY', 0, 'HIDDEN', '');
+ CREATE TABLE IF NOT EXISTS user (id INTEGER PRIMARY KEY, name TEXT UNIQUE, password TEXT, email TEXT UNIQUE, invites INTEGER, senpai INTEGER, key TEXT, status INTEGER, register TEXT, color_folder TEXT, color_file TEXT);
+ INSERT INTO user (id, name, senpai, key, status, invites, password, email, register, color_folder, color_file) VALUES (NULL, 'admin', 0, '11111', 1, 5, '" . $hash_password . "', '" . $email . "', (SELECT datetime()), 'DEFAULT', 'DEFAULT' );
+ CREATE TABLE IF NOT EXISTS files (id INTEGER PRIMARY KEY, parent INTEGER, owner INTEGER, name TEXT, folder TEXT, mime TEXT, size INTEGER, share TEXT, hash TEXT, download_link TEXT, FOREIGN KEY(owner) REFERENCES user(id));
+ INSERT INTO files (id, parent, owner, name, folder, size, share, hash, download_link) VALUES (NULL, 0, 1, '/', 'DIRECTORY', 0, 'HIDDEN', '', '');
CREATE TABLE IF NOT EXISTS log (id INTEGER PRIMARY KEY, user INTEGER, login TEXT, FOREIGN KEY(user) REFERENCES user(id));
CREATE TRIGGER IF NOT EXISTS delete_files AFTER DELETE ON user FOR EACH ROW BEGIN DELETE FROM files WHERE owner=OLD.id; END;
COMMIT;")
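Review bot: The admin `INSERT` builds its statement by concatenating `$hash_password` and `$email` into quoted SQL literals, and no escaping of `$email` is visible in this hunk. If `$email` comes straight from the setup form, a quote character in it ends the literal early inside a multi-statement `exec()`; escape it with `SQLite3::escapeString()` or run the INSERT as a prepared statement with bound values. The row is also created with the fixed `key` value `'11111'`; if that column serves as a secret for the account (its use is not shown here), it should be generated, e.g. `bin2hex(random_bytes(16))`, rather than hard-coded.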
@@ -65,6 +65,7 @@ if($bool){
$_SESSION["userid"] = 1;
echo "Success! You will redirected any moment.";
+ include("include.php");
header("Refresh: 2; ".$scheme.$_SERVER["HTTP_HOST"]."/admin");
} else {
echo "Failure! :( <br>";
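Review bot: The added `include("include.php");` sits between an `echo` and the `header()` call, and include.php pulls in login.php, register.php and browse.php, which its own comments describe as printing pages. Unless output buffering is on, headers have already been sent by then and the `Refresh` header is dropped with a warning; moving `header()` above any output, and the include after it if it is needed here at all, avoids that. The redirect target is also built from `$_SERVER["HTTP_HOST"]`, which the client controls, so the freshly created admin session can be redirected to a host named by the request; use a configured site host or a relative target such as `header("Refresh: 2; url=/admin");`. The enclosing `if` block starts outside the hunk.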