summaryrefslogtreecommitdiff
path: root/www/functions/func_download.php
diff options
context:
space:
mode:
Diffstat (limited to 'www/functions/func_download.php')
-rw-r--r--www/functions/func_download.php12
1 files changed, 7 insertions, 5 deletions
diff --git a/www/functions/func_download.php b/www/functions/func_download.php
index b62e13f..64c5d90 100644
--- a/www/functions/func_download.php
+++ b/www/functions/func_download.php
@@ -64,16 +64,18 @@ function check_file_hash($db, $file_id, $download_hash){
return DOWNLOAD_FALSE_ID;
}
- $check_hash_db = $db->query("SELECT folder, share, download_link FROM files WHERE id=" . SQLite3::escapeString($file_id).";");
+ $check_hash_db = $db->query("SELECT owner, folder, share, download_link FROM files WHERE id=" . SQLite3::escapeString($file_id).";");
$check_hash_ar = $check_hash_db->fetchArray(SQLITE3_NUM);
- if($check_hash_ar[0] != "FILE"){
+ if($check_hash_ar[1] != "FILE"){
return DOWNLOAD_NOT_FILE;
}
- if($check_hash_ar[1] != "PUBLIC"){
- if($check_hash_ar[2] != $download_hash){
- return DOWNLOAD_PRIVATE_FILE;
+ if($check_hash_ar[2] != "PUBLIC"){
+ if($_SESSION["userid"] != $check_hash_ar[0]){
+ if($check_hash_ar[3] != $download_hash){
+ return DOWNLOAD_PRIVATE_FILE;
+ }
}
}