From 139f00f5a0f27b919ba62df17db6278cd49b5324 Mon Sep 17 00:00:00 2001
From: Horus3
Date: Fri, 28 Feb 2014 15:09:25 +0100
Subject: .
---
www/functions.php | 21 ++++++++++-----------
www/index.php | 8 +++++---
www/select.php | 16 +++++++++++++---
3 files changed, 28 insertions(+), 17 deletions(-)
diff --git a/www/functions.php b/www/functions.php
index 562b393..2f18361 100644
--- a/www/functions.php
+++ b/www/functions.php
@@ -2,7 +2,7 @@
/* --LOGIN-- */
-function login(){
+function login($db){
if($_SERVER['REQUEST_METHOD'] == 'POST') {
/*___Database Query: Login___*/
@@ -11,7 +11,6 @@ function login(){
$username = SQLite3::escapeString("$unsafe_username");
$passwort = SQLite3::escapeString("$unsafe_passwort");
- $db = new SQLite3("../database/sqlite.db");
$salt_db = $db->query("SELECT salt FROM user WHERE name='$username';");
while($salt_array = $salt_db->fetchArray(SQLITE3_NUM)){
foreach($salt_array as $firstelement){
@@ -87,7 +86,7 @@ function logout(){
/* --INVITE-- */
-function invite(){
+function invite($db){
if($_SERVER['REQUEST_METHOD'] == 'POST') {
$name=$_SESSION["username"];
$safe_name = SQLite3::escapeString("$name");
@@ -95,8 +94,6 @@ function invite(){
$email=$_POST["email"];
$safe_email=SQLite3::escapeString("$email");
- $db = new SQLite3("../database/sqlite.db");
-
$invite_db = $db->query("SELECT invites FROM user WHERE name='$safe_name';");
$invite_ar = $invite_db->fetchArray(SQLITE3_NUM);
$invite = $invite_ar[0];
@@ -161,7 +158,7 @@ function invite(){
/* --REGISTER-- */
-function register(){
+function register($db){
if($_SERVER['REQUEST_METHOD'] == 'POST') {
session_start();
@@ -181,8 +178,6 @@ function register(){
exit;
}
- $db = new SQLite3("../database/sqlite.db");
-
$safe_name = SQLite3::escapeString("$name");
$safe_email = SQLite3::escapeString("$email");
@@ -248,16 +243,20 @@ function register(){
function get_404(){
echo "Sorry, page not found.
";
- select();
+// select();
exit;
}
-function select(){
- $i = 0;
+function select($db){
+
+
+
+/* $i = 0;
foreach ($_GET as $name => $value) { //value leer?
$args[$i] = $name;
echo 'Name: ' . $name . ' Value: ' . $value . '
';
$i++;
}
echo "Presented by func select()!";
+*/
}
diff --git a/www/index.php b/www/index.php
index eb96364..7105c98 100644
--- a/www/index.php
+++ b/www/index.php
@@ -4,6 +4,8 @@ session_start();
require_once("functions.php");
+$db = new SQLite3("../database/sqlite.db");
+
if(empty($_GET)){
if($_SESSION["login"]){
header("Refresh: 0; /$_SESSION[username]");
@@ -20,16 +22,16 @@ if(empty($_GET)){
if(empty($_GET["name"])){
switch($_GET["task"]){
case("login"):
- login();
+ login($db);
break;
case("logout"):
logout();
break;
case("invite"):
- invite();
+ invite($db);
break;
case("register"):
- register();
+ register($db);
break;
/* case("download"): //not implemented yet
download();
diff --git a/www/select.php b/www/select.php
index f0cd143..2fc6de1 100644
--- a/www/select.php
+++ b/www/select.php
@@ -1,10 +1,20 @@
query("SELECT id FROM user WHERE name='" . SQLite3::escapeString($_SESSION[username]) . "';");
+$owner_ar = $owner_db->fetchArray(SQLITE3_NUM);
+$owner = $owner_ar[0];
+
+if(empty($_GET["folder"])){
+ $parentdir=0;
+} else {
+ $folder_array_unsafe = explode("/",$_GET["folder"]);
+ $length = count($folder_array_unsafe);
+}
+
$count=0;
$result_db = $db->query("SELECT id, parent, name, share FROM files WHERE parent=$parentdir AND owner=$owner AND folder='DIRECTORY' AND share='PUBLIC';");
--
cgit v1.2.3