From e009b1e84dcbcc83f39652695eb86c6e64cc6a11 Mon Sep 17 00:00:00 2001
From: root
Date: Wed, 26 Mar 2014 03:07:06 +0100
Subject: Now conform to HTTP/1.1. Also integrated func_download.

---
 www/index.php | 40 ++++++++++++++++++++++++++++++++--------
 1 file changed, 32 insertions(+), 8 deletions(-)

(limited to 'www/index.php')

diff --git a/www/index.php b/www/index.php
index ad7eb7d..4b09452 100755
--- a/www/index.php
+++ b/www/index.php
@@ -13,7 +13,7 @@ if(empty($_GET)){
 	if(!$_SESSION["login"]){
 		print_login(constant("EMPTY"));
 	} else {
-		header("Refresh: 0; /" . $_SESSION["username"]);
+		header("Refresh: 0; ".$scheme.$_SERVER["HTTP_HOST"]."/" . $_SESSION["username"]);
 		exit;
 	}
 } else {
@@ -26,13 +26,18 @@ if(empty($_GET)){
 				if($_SERVER['REQUEST_METHOD'] == 'POST'){
 					$var = login($db);
 					if($var == LOGIN_SUCCESSFULL){
-						header("Refresh: 0; /".$_SESSION["username"]);
+						header("Refresh: 0; ".$scheme.$_SERVER["HTTP_HOST"]."/".$_SESSION["username"]);
 						//account($db);
 					} else {
 						print_login($var);
 					}
 				} else {
-					print_login(constant("EMPTY"));
+					if(!$_SESSION["login"]){
+						print_login(constant("EMPTY"));
+					} else {
+						header("Refresh: 0; ".$scheme.$_SERVER["HTTP_HOST"]."/" . $_SESSION["username"]);
+						exit;
+					}
 				}
 				break;
 
@@ -41,7 +46,7 @@ if(empty($_GET)){
 				if($var == LOGOUT_SUCCESSFULL){
 					print_login($var);
 				} else {
-					header("Refresh: 0; /httperror.php?e=500");
+					header("Refresh: 0; ".$scheme.$_SERVER["HTTP_HOST"]."/httperror.php?e=500");
 				}
 				break;
 
@@ -53,7 +58,7 @@ if(empty($_GET)){
 				if($_SERVER['REQUEST_METHOD'] == 'POST'){
 					$var = invite($db);
 					if($var == INVITE_SUCCESSFULL){
-						header("Refresh: 0; /"); //TODO Direct link to the file browser.
+						header("Refresh: 0; ".$scheme.$_SERVER["HTTP_HOST"]."/"); //TODO Direct link to the file browser.
 					} else {
 						print_invite($var);
 					}
@@ -63,6 +68,11 @@ if(empty($_GET)){
 				break;
 
 			case("register"):
+				if($_SESSION["login"]){
+					header("Refresh: 0; ".$scheme.$_SERVER["HTTP_HOST"]."/" . $_SESSION["username"]);
+					exit;
+				}
+
 				if($_SERVER['REQUEST_METHOD'] == 'POST'){
 					$var = register($db);
 					if($var == REGISTER_SUCCESSFULL){
@@ -75,10 +85,24 @@ if(empty($_GET)){
 				}
 				break;
 
-/*			case("download"):	//not implemented yet
-				download();
+			case("download"):	//not implemented yet
+				if(!isset($_GET["hash"])){
+					$download_hash = "";
+				} else {
+					$download_hash = $_GET["hash"];
+				}
+				$var = check_file_hash($db, $_GET["id"], $download_hash);
+				if($var == DOWNLOAD_NOT_FILE){
+					get_404("/", "File id: ".$_GET['id']);
+				} elseif ($var == DOWNLOAD_PRIVATE_FILE){
+					$_GET["e"]="401";
+					include("httperror.php");
+				} elseif($var == DOWNLOAD_FALSE_ID){
+					$_GET["e"]="403";
+					include("httperror.php");
+				}
 				break;
-*/
+
 			case("user"):
 				account($db);
 				break;
-- 
cgit v1.2.3