summaryrefslogtreecommitdiff
path: root/www/functions/func_select.php
diff options
context:
space:
mode:
Diffstat (limited to 'www/functions/func_select.php')
-rw-r--r--www/functions/func_select.php79
1 files changed, 79 insertions, 0 deletions
diff --git a/www/functions/func_select.php b/www/functions/func_select.php
new file mode 100644
index 0000000..dc649f2
--- /dev/null
+++ b/www/functions/func_select.php
@@ -0,0 +1,79 @@
+<?
+function select($db){
+ if($_SESSION["login"]){
+ $share="";
+ } else {
+ $share ="AND share='PUBLIC'";
+ }
+
+ if(!empty($_GET["name"])){
+ $user = $_GET["name"];
+ } else {
+ failure("No user input.");
+ }
+
+ $owner_db = $db->query("SELECT id FROM user WHERE name='" . SQLite3::escapeString($user) . "';");
+ if(empty($owner_db)){
+ failure("This user doesn't exist.");
+ }
+
+ $owner_ar = $owner_db->fetchArray(SQLITE3_NUM);
+ $owner = $owner_ar[0];
+
+ $folder_array_unsafe = explode("/",$_GET["folder"]);
+ $length = count($folder_array_unsafe);
+
+ $root_db = $db->query("SELECT id FROM files WHERE parent=0 AND owner=" . $owner . " AND folder='DIRECTORY' " . $share . ";");
+ if(empty($root_db)){
+ failure("There is something seriously wrong. If you are a human you should never read this. Mail the admin please.");
+ }
+ $root_ar = $root_db->fetchArray(SQLITE3_NUM);
+ $root_id = $root_ar[0];
+ $parentdir = SQLite3::escapeString($root_id);
+ $temp_id = $root_id;
+
+ for($i=0; $i<$length; $i++){
+
+ if(!empty($folder_array_unsafe[$i])){
+ $parentdir_db = $db->query("SELECT id, parent FROM files WHERE owner=" . $owner . " AND folder='DIRECTORY' " . $share . " AND parent=" . $parentdir . " AND name='" . SQLite3::escapeString($folder_array_unsafe[$i]) . "';");
+ if(empty($parentdir_db)){
+ failure("Database error.");
+ }
+ $prim_id = $parentdir_db->fetchArray(SQLITE3_NUM);
+ if($parentdir != $prim_id[1]){
+
+ $wrong_folder = $folder_array_unsafe[$i];
+ $working_path[0] = $wrong_folder;
+
+ for($j=0; $j<$i; $j++){
+ $working_path[$j] = $folder_array_unsafe[$j];
+ }
+
+ get_404($working_path, $wrong_folder);
+ return false;
+ }
+
+ $parentdir = $prim_id[0];
+ }
+ }
+
+ $content_db = $db->query("SELECT * FROM files WHERE parent=" . $parentdir . " AND owner=" . $owner . ";");
+
+ $count=0;
+ while($row = $content_db->fetchArray(SQLITE3_NUM)){
+ $content[$count][0] = $row[0];
+ $content[$count][1] = $row[1];
+ $content[$count][2] = $row[2];
+ $content[$count][3] = $row[3];
+ $content[$count][4] = $row[4];
+ $content[$count][5] = $row[5];
+ $content[$count][6] = $row[6];
+ $content[$count][7] = $row[7];
+ $content[$count][8] = $row[8];
+ //echo "<a href='/". $user . "/" . $content[$count][3] . "'>" . $content[$count][3] . "</a><br>";
+ $count++;
+ }
+
+ return $content;
+
+}