diff options
Diffstat (limited to 'www')
| -rwxr-xr-x | www/functions/func_content.php | 8 | ||||
| -rwxr-xr-x | www/functions/func_interface.php | 4 | ||||
| -rwxr-xr-x | www/functions/func_select.php | 7 | ||||
| -rwxr-xr-x | www/login.php | 2 | ||||
| -rwxr-xr-x | www/register.php | 10 |
5 files changed, 16 insertions, 15 deletions
diff --git a/www/functions/func_content.php b/www/functions/func_content.php index 7e2281b..9500f06 100755 --- a/www/functions/func_content.php +++ b/www/functions/func_content.php @@ -1,8 +1,8 @@ <?php -function get_content($db, $parentdir, $owner){ +function get_content($db, $file_id, $owner){ - $content_db = $db->query("SELECT * FROM files WHERE parent=" . $parentdir . " AND owner=" . $owner . ";"); + $content_db = $db->query("SELECT * FROM files WHERE parent=" . $file_id . " AND owner=" . $owner . ";"); $count=0; @@ -20,8 +20,8 @@ function get_content($db, $parentdir, $owner){ } if(!empty($content)){ - return $content; + return $content; // returns everything listed in the folder which is commited as parameter } else { - return false; + return false; // empty folder } } diff --git a/www/functions/func_interface.php b/www/functions/func_interface.php index e0bc0e9..266a24f 100755 --- a/www/functions/func_interface.php +++ b/www/functions/func_interface.php @@ -7,9 +7,9 @@ function show($db){ failure("This user doesn't exist!"); } - $parentdir = select($db, $owner); + $file_id = select_file_id($db, $owner); - $content = get_content($db, $parentdir, $owner); + $content = get_content($db, $file_id, $owner); if(!$content){ failure("This folder is empty."); diff --git a/www/functions/func_select.php b/www/functions/func_select.php index f0dc601..357b6b6 100755 --- a/www/functions/func_select.php +++ b/www/functions/func_select.php @@ -1,5 +1,5 @@ <?php -function select($db, $owner){ +function select_file_id($db, $owner){ if($_SESSION["login"] && $_SESSION["userid"] == $owner){ // TODO: Check if loged in user really the user who does the query - fix 12.3.14 $share=""; // to print all files, even hidden ones @@ -33,13 +33,12 @@ function select($db, $owner){ $parentdir_db = $db->query("SELECT id, parent FROM files WHERE owner=" . $owner . " AND folder='DIRECTORY' " . $share . " AND parent=" . $parentdir . " AND name='" . SQLite3::escapeString($folder_array_unsafe[$i]) . "';"); if(empty($folder_array_unsafe[$i])){ - return $parentdir; + return $parentdir; // TODO: Is there a way this can happen? } $prim_id = $parentdir_db->fetchArray(SQLITE3_NUM); if(empty($prim_id)){ failure("Database error."); - echo $prim_id; } if($parentdir != $prim_id[1]){ @@ -58,6 +57,6 @@ function select($db, $owner){ $parentdir = $prim_id[0]; } - return $parentdir; + return $parentdir; // returns the primary key from the last entry in the folder array } diff --git a/www/login.php b/www/login.php index 4d7ed6b..d520a18 100755 --- a/www/login.php +++ b/www/login.php @@ -1,6 +1,6 @@ <?php /* - Displays the login page and possible errors. Users can enter their username and password to login. TODO recover Password + Displays the login page and possible errors. Users can enter their username and password to login. TODO recover Password --why? It has already been checked that the user isn't already logged in. $case can have the following values: diff --git a/www/register.php b/www/register.php index 0981c20..05bed6e 100755 --- a/www/register.php +++ b/www/register.php @@ -2,11 +2,11 @@ /* Displays the register page and possible errors. Users specify their username and password and email address to register. As this page is invite-only users must enter their invite-key aswell. - TODO the email cannot differ from the address the mail was sent to. + TODO the email cannot differ from the address the mail was sent to. --that's fine and should be - TODO Username is not checked for duplicates. + TODO Username is not checked for duplicates. --fix 16.3.2014 - TODO invites should have it's own error. + TODO invites should have it's own error. --fix 16.3.2014 It has already been checked that the user isn't already logged in. @@ -20,8 +20,10 @@ REGISTER_PROHIBITED: Specifies that the request could not be fullfilled because the account has been marked "blocked" - + REGISTER_INVITEKEY: Specifies that the request could not be fullfilled because the invitekey does not match the database entry. + REGISTER_USERNAME: Specifies that the request could not be fullfilled because the username already exists. + ================================================================================================================================================== */ |