summaryrefslogtreecommitdiff
path: root/www/select.php
diff options
context:
space:
mode:
Diffstat (limited to 'www/select.php')
-rw-r--r--www/select.php53
1 files changed, 43 insertions, 10 deletions
diff --git a/www/select.php b/www/select.php
index 494709f..2dc1506 100644
--- a/www/select.php
+++ b/www/select.php
@@ -4,17 +4,48 @@ session_start();
$db = new SQLite3("../database/sqlite.db");
-$owner_db = $db->query("SELECT id FROM user WHERE name='" . SQLite3::escapeString($_SESSION[username]) . "';");
-$owner_ar = $owner_db->fetchArray(SQLITE3_NUM);
-$owner = $owner_ar[0];
+function failure($reason){
+ echo "A 404 error occurred. <br>";
+ echo $reason;
+ exit;
+}
-if(empty($_GET["folder"])){
- $parentdir=0;
+if(!empty($_GET["name"])){
+ $user = $_GET["name"];
} else {
- $folder_array_unsafe = explode("/",$_GET["folder"]);
- $length = count($folder_array_unsafe);
+ failure("No user found.");
}
+$owner_db = $db->query("SELECT id FROM user WHERE name='" . SQLite3::escapeString($user) . "';");
+$owner_ar = $owner_db->fetchArray(SQLITE3_NUM);
+$owner = $owner_ar[0];
+
+$folder_array_unsafe = explode("/",$_GET["folder"]);
+$length = count($folder_array_unsafe);
+
+$root_db = $db->query("SELECT id FROM files WHERE owner= " . $owner . "AND folder='DIRECTORY' AND share='PUBLIC' AND parent=0;");
+$root_ar = $root_db->fetchArray(SQLITE3_NUM);
+$root_id = $root_ar[0];
+$parentdir = SQLite3::escapeString($root_id);
+$temp_id = $root_id;
+
+
+for($i=0; $i<$length; $i++){
+ $parentdir_db = $db->query("SELECT id, parent WHERE owner=" . $owner . "AND folder='DIRECTORY' AND share='PUBLIC' AND parent=" . $parentdir . " AND name='" . SQLite3::escapeString($folder_array_unsafe[$i] . "';");
+ if(empty($parentdir_db)){
+ failure("This folder doesn't exist.");
+ }
+ $parentdir_ar = $parentdir_db->fetchArray(SQLITE3_NUM);
+ if($temp_id != $parentdir_ar[1]){
+ failure("This folder doesn't exist.");
+ } else {
+ $temp_id = $parentdir_ar[0];
+ }
+
+ echo $folder_array_unsafe[$i];
+ echo "<br>";
+}
+/*
$count=0;
$result_db = $db->query("SELECT id, parent, name, share FROM files WHERE owner=$owner AND folder='DIRECTORY' AND share='PUBLIC';");
@@ -24,16 +55,18 @@ while($result[$count] = $result_db->fetchArray(SQLITE3_NUM)){
echo "Found " . $count . " folder. <br>";
+*/
+/*
for($i=0;$i<$count;$i++){
echo "name: " . $result[$i][2] . "<br>";
-/*
+
for($j=0;$j < count($result[$i]); $j++){
echo "name: " . $result[$i][$j] . "<br>";
}
-*/
-}
+}
+*/
/*
while($result[$count]=$result_db->fetchArray(SQLITE3_NUM)){
while(!empty($result)){