diff options
Diffstat (limited to 'www/upload.php')
| -rw-r--r-- | www/upload.php | 56 |
1 files changed, 43 insertions, 13 deletions
diff --git a/www/upload.php b/www/upload.php index 1c64fa1..ed25d85 100644 --- a/www/upload.php +++ b/www/upload.php @@ -10,6 +10,18 @@ function error($reason){ exit; } +function database_upload($db, $parentdir, $owner, $filename, $folder, $mime, $size, $share, $filehash){ + if($db->exec(" + BEGIN TRANSACTION; + INSERT INTO files (id, parent, owner, name, folder, mime, size, share, hash) VALUES (NULL, " . $parentdir . ", " . $owner . ", '" . $filename . "', '" . $folder . "', '" . $mime . "', '" . $size . "', '" . $share ."', '" . $filehash . "'); + COMMIT; + ")){ + return true; + } else { + return false; + } +} + function upload($db){ if(!$_SESSION["login"]){ @@ -47,36 +59,54 @@ function upload($db){ $folder = "FILE"; $mime = $_FILES['userfile']['type']; $size = $_FILES['userfile']['size']; - $share = SQLite3::escapeString('$_POST[share]'); + $share = SQLite3::escapeString($_POST['share']); $uploaddir = "../files/"; - if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir . $_FILES['userfile']['name'])){ - if($db->exec(" - BEGIN TRANSACTION; - INSERT INTO files (id, parent, owner, name, folder, mime, size, share) VALUES (NULL, " . $parentdir . ", " . $owner . ", '" . $filename . "', '" . $folder . "', '" . $mime . "', '" . $size . "', '" . $share ."'); - COMMIT; - ")){ - $id = $db->lastInsertRowID(); - $gzfile = $uploaddir . $id . ".gz"; - $fp = gzopen($gzfile, 'w9'); - if(gzwrite($fp, file_get_contents($uploaddir . $filename))){ + //$filehash = hash_file("md5", $uploaddir . $filename); + $filehash = hash_file("md5", $_FILES['userfile']['tmp_name']); + + $hashtest_db = $db->query("SELECT hash FROM files WHERE hash='" . $filehash ."';"); + if(empty($hashtest_db)){ + + if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir . $_FILES['userfile']['name'])){ + + if(database_upload($db, $parentdir, $owner, $filename, $folder, $mime, $size, $share, $filehash)){ + $gzfile = $uploaddir . $filehash . ".gz"; + $fp = gzopen($gzfile, 'w9'); + + if(!gzwrite($fp, file_get_contents($uploaddir . $filename))){ + error("Something wrong writh the intern file handling."); + } + if(!gzclose($fp)){ error("Something wrong writh the intern file handling."); } + if(!unlink($uploaddir . $filename)){ error("Something wrong writh the intern file handling."); } + echo "Success!"; + } else { + error("Database error."); + } + + } else { + error("Moving failed."); + } + } else { + if(database_upload($db, $parentdir, $owner, $filename, $folder, $mime, $size, $share, $filehash)){ + + if(!unlink($_FILES['userfile']['tmp_name'])){ error("Something wrong writh the intern file handling."); } + echo "Success!"; } else { error("Database error."); } - } else{ - error("Upload failed"); } } |