Diffstat (limited to 'www')
-rw-r--r--www/invite.php2
-rw-r--r--www/login.php10
-rw-r--r--www/register.php18
-rw-r--r--www/select.php52
-rw-r--r--www/setup.php9
5 files changed, 42 insertions, 49 deletions
diff --git a/www/invite.php b/www/invite.php
index 471e88c..2756366 100644
--- a/www/invite.php
+++ b/www/invite.php
@@ -41,7 +41,7 @@ if($_SERVER['REQUEST_METHOD'] == 'POST') {
if($db->exec("
BEGIN TRANSACTION;
- INSERT INTO user (id, name, senpai, key, status, email) VALUES (NULL, NULL, '$id', '$key', 0, '$safe_email');
+ INSERT INTO user (id, name, email, senpai, key, status) VALUES (NULL, NULL, '$safe_email', '$id', '$key', 0);
UPDATE user SET invites='$invite' WHERE id='$id';
COMMIT;")
){
diff --git a/www/login.php b/www/login.php
index e9c7c93..ed73bdc 100644
--- a/www/login.php
+++ b/www/login.php
@@ -37,10 +37,20 @@ if($_SERVER['REQUEST_METHOD'] == 'POST') {
/*___Login___*/
if ($real_password == $hash_password) {
+ if($db->exec("
+ BEGIN TRANSACTION;
+ INSERT INTO log (id, user, login) VALUES (NULL, (SELECT id FROM user WHERE name='$username'), (SELECT datetime()) );
+ COMMIT;
+ ")){
+
$_SESSION["login"] = true;
$_SESSION["username"] = "$unsafe_username";
header("Refresh: 0; /");
+
+ } else {
+ header("Refresh: 0; login?reason=database");
+ }
} else {
header("Refresh: 0; login?reason=failure");
}
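Review bot: The new log INSERT is built by interpolating `$username` into the SQL string, and the hunk does not show where that value is escaped (the session line uses `$unsafe_username`, so `$username` is presumably the escaped copy). A prepared statement removes the dependency on that escaping: `$stmt = $db->prepare("INSERT INTO log (user, login) VALUES ((SELECT id FROM user WHERE name = :name), datetime())");`, then `$stmt->bindValue(':name', $unsafe_username, SQLITE3_TEXT);` and `if ($stmt->execute()) {`. Since this branch is where the session becomes authenticated, calling `session_regenerate_id(true);` before setting `$_SESSION["login"]` would guard against session fixation. The context line `$real_password == $hash_password` is a loose comparison, which can treat two different numeric-looking hash strings as equal; `hash_equals()` on the two strings is the strict, constant-time form. The enclosing POST handler starts and ends outside the hunk.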
diff --git a/www/register.php b/www/register.php
index 87c2e90..c9de638 100644
--- a/www/register.php
+++ b/www/register.php
@@ -44,6 +44,9 @@ if($_SERVER['REQUEST_METHOD'] == 'POST') {
exit;
} else {
+ $id_db = $db->query("SELECT id FROM user WHERE email='$safe_email';");
+ $id_ar = $id_db->fetchArray(SQLITE3_NUM);
+ $id = $id_ar[0];
/*Generates the encrypted password and the database transactions*/
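Review bot: `$id_ar[0]` is read without checking that the SELECT matched a row; `fetchArray()` returns `false` when no user has that e-mail, which leaves `$id` empty. The next hunk interpolates `$id` unquoted into `WHERE id=$id` and into the `files` INSERT, so an empty or non-numeric value only surfaces there as a generic database failure. Check the result and force an integer before use, e.g. `if ($id_ar === false) { header("Refresh: 0; /register?reason=database"); exit; }` followed by `$id = (int)$id_ar[0];`. The enclosing else-branch starts and ends outside this hunk, so an earlier check may already guarantee that the row exists.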
@@ -55,18 +58,13 @@ if($_SERVER['REQUEST_METHOD'] == 'POST') {
if($db->exec("
BEGIN TRANSACTION;
- UPDATE user SET name='$safe_name', salt='$salt', password='$hash_password', status=1, invites=5 WHERE email='$safe_email';
- CREATE TABLE $safe_name (id INTEGER PRIMARY KEY, folder INTEGER, name TEXT, type TEXT, mime TEXT, size INTEGER, public TEXT);
- INSERT INTO $safe_name (id, folder, name, type, public) VALUES (NULL, 0, '/', 'FOLDER', 'HIDDEN');
+ UPDATE user SET name='$safe_name', salt='$salt', password='$hash_password', invites=5, status=1, register=(SELECT datetime()) WHERE id=$id;
+ INSERT INTO files (id, parent, owner, name, folder, mime, size, share, extra) VALUES (NULL, 0, $id, '/', 'DIRECTORY', NULL, NULL, 'PUBLIC', NULL);
COMMIT;")
){
- if(mkdir("/var/www/files/files/$name")){
- $_SESSION["login"] = true;
- $_SESSION["username"] = $name;
- header("Refresh: 0; /register?reason=registration");
- } else {
- header("Refresh: 0; /register?reason=mkdir");
- }
+ $_SESSION["login"] = true;
+ $_SESSION["username"] = $name;
+ header("Refresh: 0; /register?reason=registration");
} else {
header("Refresh: 0; /register?reason=database");
}
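Review bot: The UPDATE now sets `register=(SELECT datetime())`, but the `user` table created in setup.php in this same commit declares no `register` column, so on a database built from that script the transaction would fail and every registration would end at `reason=database`; the schema needs `register TEXT` (or a migration). The root folder is also inserted with share `'PUBLIC'` where the replaced per-user table used `'HIDDEN'`; if `share` controls visibility to other users, as the filter in select.php suggests, the default should stay private, with a comment such as `/* root folder of the new user; not shared by default */` recording the intent. When a statement inside the multi-statement `exec()` fails, the transaction is left open without a `ROLLBACK`, so the failure branch should issue one before redirecting. The enclosing POST handler continues outside the hunk.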
diff --git a/www/select.php b/www/select.php
index 3ee277e..f873b51 100644
--- a/www/select.php
+++ b/www/select.php
@@ -3,51 +3,33 @@
//session_start();
$db = new SQLite3("../database/sqlite.db");
-$owner=2;
-$folder=0;
+$user=2;
+$parent=0;
+
+function select_db ($parentdir, $owner){
+ $result_db = $db->query("SELECT id, folder, name, public FROM files WHERE parent=$parentdir AND owner=$owner AND type='DIRECTORY' AND share='PUBLIC';");
+
+ while ($result = $result_db->fetchArray()){
+ $array[$count]=$result; /*2D Array, an Stelle $count ist das $result Array mit Ergebnissen des SELECTs abgelegt*/
+ $count++;
+ }
+
+ return $array;
+}
+
+/*
$rows = $db->query("SELECT count(*) as count FROM files WHERE owner=$owner;");
$row = $rows->fetchArray();
$numRows = $row["count"];
for($i=0;$i<$numRows;$i++){
- $result_db = $db->query("SELECT id, folder, name, public FROM files WHERE folder=$folder AND owner=$owner AND type='directory' AND public='share';");
- $result_ar = $result_db->fetchArray(SQLITE3_NUM);
- $folder=$result_ar[0];
-
-// $laenge = $result_db->fetchArray();
-// echo "query matches: ". count($laenge);
-
-
- $count=0;
-// $array[0]="";
- while ($row = $result_db->fetchArray()) {
-// var_dump($row);
-// echo "laenge row: " . count($row[name]) . " laenge result_db: " . count($result_db) . "";
-// echo "row: " . $row["name"] . "<br>";
-// $row_ar[$k]=$row["name"];
-// echo "array: " . count($row_ar);
-// print_r($row);
- $array[$count]=$row; /*2D Array, an Stelle $count ist das $row Array abgelegt */
- echo $array[$count][2] . "<br>";
-// echo "<br>";
- $count++;
- }
-
-// $arraylength=count($array);
- for($j=0;$j<$count;$j++){
- echo $array[$j][2] . "<br>"; /*Gibt den Namen des Ordners aus dem $row Array aus*/
- }
-// echo "primary key: $result_ar[0]; parent dir: $result_ar[1]; dir name: $result_ar[2]; share stat: $result_ar[3]; length: " . count($result_ar) . "; numRows: $numRows";
- echo "<br> dir name: $result_ar[2], $result_ar[3]; <br>";
- if(!$db->exec("SELECT id FROM files WHERE folder=$folder;")){
+ if(!$db->exec("SELECT id FROM files WHERE folder=$parent;")){
echo "Break!";
exit;
}
}
-
-
-// SELECT id, folder, name, public FROM files WHERE folder=$folder AND owner=$owner AND type='directory' AND public='public';"
+*/
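Review bot: `select_db()` cannot run as written: `$db` is a global that is not visible inside the function, `$array` and `$count` are never initialised (so an empty result returns an undefined variable), and the query names `public` and `type` columns that the `files` table created in setup.php in this commit does not have (it declares `parent`, `folder` and `share`). `$parentdir` and `$owner` are also interpolated straight into the SQL; binding them as integers keeps the function safe whatever a caller passes in. The fence below passes the connection in explicitly and binds both values; its column names are taken from setup.php and should be confirmed. The old loop kept inside `/* … */` is dead code and could be deleted rather than commented out.

```php
function select_db (SQLite3 $db, $parentdir, $owner){
    // Column names follow the files table created in setup.php.
    $stmt = $db->prepare("SELECT id, parent, name, share FROM files WHERE parent=:parent AND owner=:owner AND folder='DIRECTORY' AND share='PUBLIC';");
    $array = [];
    if ($stmt === false) {
        return $array;
    }
    $stmt->bindValue(':parent', (int)$parentdir, SQLITE3_INTEGER);
    $stmt->bindValue(':owner', (int)$owner, SQLITE3_INTEGER);

    $result_db = $stmt->execute();
    if ($result_db === false) {
        return $array;
    }

    /* 2D array: each entry is one result row of the SELECT */
    while ($result = $result_db->fetchArray()){
        $array[] = $result;
    }

    return $array;
}
```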
diff --git a/www/setup.php b/www/setup.php
index 00aa9ed..a67bd54 100644
--- a/www/setup.php
+++ b/www/setup.php
@@ -1,6 +1,6 @@
<?
-/*Sets up the database with the user table. Add ?drop to drop _everything_*/
+/*Sets up the database with the necessary tables. Add ?drop to drop _everything_*/
$db = new SQLite3("../database/sqlite.db");
@@ -14,7 +14,7 @@ if($bool){
if($db->exec("
BEGIN TRANSACTION;
PRAGMA writable_schema = 1;
- delete from sqlite_master where type = 'table';
+ DELETE FROM sqlite_master WHERE type = 'table';
PRAGMA writable_schema = 0;
COMMIT;
VACUUM;")
@@ -25,6 +25,7 @@ if($bool){
}
} else {
$cleartext_password="password";
+ $email="admin@iamfabulous.de";
$salt = uniqid(mt_rand(), true);
$password = "$salt"."$cleartext_password";
$hash_password = md5($password);
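Review bot: The seeded admin account gets the fixed password `"password"`, hashed as a single `md5()` over salt plus password with a salt from `uniqid(mt_rand(), true)`; these lines are unchanged context, but the hunk extends this block and the account is created on every fresh setup. md5 is far too fast for password storage and `mt_rand()` is not a cryptographic source; `$hash_password = password_hash($cleartext_password, PASSWORD_DEFAULT);`, with `password_verify()` on the login side, replaces both the hash and the manual salt. The initial password would be better generated with `bin2hex(random_bytes(16))` and shown once, or made subject to a forced change at first login. The surrounding if/else starts before and continues after this hunk.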
@@ -35,7 +36,9 @@ if($bool){
if($db->exec("
BEGIN TRANSACTION;
CREATE TABLE IF NOT EXISTS user (id INTEGER PRIMARY KEY, name TEXT UIQUE, senpai INTEGER, key TEXT, status INTEGER, invites INTEGER, salt TEXT, password TEXT, email TEXT UNIQUE);
- INSERT INTO user (id, name, senpai, key, status, invites, salt, password, email) VALUES (NULL, 'admin', 0, '11111', 1, 5, '$salt', '$hash_password', 'admin@iamfabulous.de');
+ INSERT INTO user (id, name, senpai, key, status, invites, salt, password, email) VALUES (NULL, 'admin', 0, '11111', 1, 5, '$salt', '$hash_password', '$email');
+ CREATE TABLE IF NOT EXISTS files (id INTEGER PRIMARY KEY, parent INTEGER, owner INTEGER, name TEXT, folder TEXT, mime TEXT, size INTEGER, share TEXT, extra TEXT, FOREIGN KEY(owner) REFERENCES user(id));
+ CREATE TABLE IF NOT EXISTS log (id INTEGER PRIMARY KEY, user INTEGER, login TEXT, FOREIGN KEY(user) REFERENCES user(id));
COMMIT;")
) {
echo "Success!";
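Review bot: In the `user` table definition the `name` column is declared `TEXT UIQUE`; SQLite accepts that as part of the type name rather than as a constraint, so user names are not enforced to be unique, while the login log added in this commit looks users up with `WHERE name=…`. It should read `name TEXT UNIQUE`. The new `FOREIGN KEY` clauses on `files.owner` and `log.user` are only enforced when the connection runs `PRAGMA foreign_keys = ON;`, which is off by default in SQLite, so that pragma is worth adding right after the database is opened. Because the tables use `CREATE TABLE IF NOT EXISTS`, an existing database keeps its old `user` definition and needs a migration to pick up such fixes. The enclosing block continues outside the hunk.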