query("SELECT id FROM user WHERE name='" . SQLite3::escapeString($user) . "';"); $owner_ar = $owner_db->fetchArray(SQLITE3_NUM); if(empty($owner_ar)){ failure("This user doesn't exist."); } $owner = $owner_ar[0]; $folder_array_unsafe = explode("/",$_GET["folder"]); $length = count($folder_array_unsafe); $root_db = $db->query("SELECT id FROM files WHERE parent=0 AND owner=" . $owner . " AND folder='DIRECTORY' " . $share . ";"); $root_ar = $root_db->fetchArray(SQLITE3_NUM); if(empty($root_ar)){ failure("There is something seriously wrong. If you are a human you should never read this. Mail the admin please."); } $root_id = $root_ar[0]; $parentdir = SQLite3::escapeString($root_id); $temp_id = $root_id; for($i=0; $i<$length; $i++){ if(!empty($folder_array_unsafe[$i])){ $parentdir_db = $db->query("SELECT id, parent FROM files WHERE owner=" . $owner . " AND folder='DIRECTORY' " . $share . " AND parent=" . $parentdir . " AND name='" . SQLite3::escapeString($folder_array_unsafe[$i]) . "';"); $prim_id = $parentdir_db->fetchArray(SQLITE3_NUM); if(empty($prim_id)){ failure("Database error."); } if($parentdir != $prim_id[1]){ $wrong_folder = $folder_array_unsafe[$i]; $working_path[0] = $wrong_folder; for($j=0; $j<$i; $j++){ $working_path[$j] = $folder_array_unsafe[$j]; } get_404($working_path, $wrong_folder); return false; } $parentdir = $prim_id[0]; } } $content_db = $db->query("SELECT * FROM files WHERE parent=" . $parentdir . " AND owner=" . $owner . ";"); $count=0; while($row = $content_db->fetchArray(SQLITE3_NUM)){ $content[$count][0] = $row[0]; $content[$count][1] = $row[1]; $content[$count][2] = $row[2]; $content[$count][3] = $row[3]; $content[$count][4] = $row[4]; $content[$count][5] = $row[5]; $content[$count][6] = $row[6]; $content[$count][7] = $row[7]; $content[$count][8] = $row[8]; $count++; } return $content; }