diff options
| -rw-r--r-- | www/createfolder.php | 67 |
1 files changed, 67 insertions, 0 deletions
diff --git a/www/createfolder.php b/www/createfolder.php new file mode 100644 index 0000000..ae54329 --- /dev/null +++ b/www/createfolder.php @@ -0,0 +1,67 @@ +<?php + +session_start(); + +if(!$_SESSION["login"]){ + header("Refresh: 0; /login"); + exit; +} + +function database_error(){ + echo "Database error!" + exit; +} + +$folder=$_POST["folder"]; +$name = $_SESSION["username"]; +$public = SQLite3::escapeString("$_POST[public]"); +$pwd = SQLite3::escapeString("$_POST[pdw]"); +$type = SQLite3::escapeString("$_POST[typ]"); + +if(preg_match("/^//", $folder)){ + $absolutpath = true; +} else { + $absolutpath = false; +} + +$folder_array_unsafe = explode("/",$folder); +$length = count($folder); + +$db = new SQLite3("../database/sqlite.db"); + +$k=1; + +for($i=0; $i++; $i<$length){ + $folder_array[$i]=SQLite3::escapeString("$folder_array_unsafe[$i]"); + if($absolutpath){ + + if(db->exec(" + BEGIN TRANSACTION; + INSERT INTO $name (id, folder, name, type, public) VALUES (NULL, $k, $folder_array[$i], '$type', '$public'); + COMMIT; + ")){ + $primary_key_db = $db->query("SELECT id FROM $name WHERE name='$folder_array[$i]"); + $primary_key_ar = $primary_key_db->fetchArray(SQLITE3_NUM); + $primary_key = $primary_key_ar[0]; + $k=$primary_key; + } else { + database_error(); + } + } else { + $primary_key_db = $db->query("SELECT id FROM $name WHERE name='$pwd'"); + $primary_key_ar = $primary_key_db->fetchArray(SQLITE3_NUM); + $primary_key = $primary_key_ar[0]; + if(db->exec(" + BEGIN TRANSACTION; + INSERT INTO $name (id, folder, name, type, public) VALUES (NULL, $primary_key, '$folder_array[$i]', '$type', '$public'); + COMMIT; + ")){ + $pwd='$folder_array[$i]'; + } else { + database_error(); + } + } + +} + +echo "END"; |