<?php

function database_upload($db, $parentdir, $owner, $filename, $folder, $mime, $size, $share, $filehash){
	if($db->exec("
		BEGIN TRANSACTION;
		INSERT INTO files (id, parent, owner, name, folder, mime, size, share, hash) VALUES (NULL, " . $parentdir . ", " . $owner . ", '" . $filename . "', '" . $folder . "', '" . $mime . "', '" . $size . "', '" . $share ."', '" . $filehash . "');
		COMMIT;
	")){
		return true;
	} else  {
		return false;
	}
}

function upload($path){

	$db = $GLOBALS["db"];

	if(!$_SESSION["login"]){
		return UPLOAD_LOGIN;
	}
	
	if($_FILES["userfile"]["error"] > 0 || !$_FILES['userfile']['size'] > 0 || empty($_FILES['userfile']['size'])){
		return UPLOAD_UPLOAD;
	}

	$parentdir = select_file_id($db, $_SESSION["userid"], $path);

	$folder_owner_db = $db->query("SELECT owner FROM files WHERE id=".$parentdir.";");
	$folder_owner_ar = $folder_owner_db->fetchArray(SQLITE3_NUM);

	if($folder_owner_ar[0] != $_SESSION["userid"]){
		return UPLOAD_FOLDER_NOT_OWNER;
	}

	$owner = $_SESSION["userid"];

	$overall_size_db = $db->query("SELECT size FROM files WHERE owner=" . $owner . " AND size > 0;");
	$overall_size = 0;
	$count = 0;
	while($row = $overall_size_db->fetchArray(SQLITE3_NUM)){
		$overall_size = $overall_size + $row[$count];
		$count++;
	}
	
	if($overall_size > 2147483648){		// == 2GB
		return UPLOAD_QUOTA;
	}

	$filename = $_FILES['userfile']['name'];
	$folder = "FILE";
	$mime = $_FILES['userfile']['type'];
	$size = $_FILES['userfile']['size'];

	if(isset($_POST["share"])){
		$share = "PUBLIC";
	} else {
		$share = "PRIVATE";
	}

	$uploaddir = "../files/";

	//$filehash = hash_file("md5", $uploaddir . $filename);
	$filehash = hash_file("md5", $_FILES['userfile']['tmp_name']);

	$hashtest_db = $db->query("SELECT hash FROM files WHERE hash='" . $filehash ."';");
	$hashtest_ar = $hashtest_db->fetchArray(SQLITE3_NUM);
	if(empty($hashtest_ar[0])){

		if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir . $_FILES['userfile']['name'])){

			if(database_upload($db, $parentdir, $owner, $filename, $folder, $mime, $size, $share, $filehash)){
				$gzfile = $uploaddir . $filehash . ".gz";
				$fp = gzopen($gzfile, 'w9');

				if(!gzwrite($fp, file_get_contents($uploaddir . $filename))){
					return UPLOAD_FILE_HANDLING;
				}

				if(!gzclose($fp)){
					return UPLOAD_FILE_HANDLING;
				}

				if(!unlink($uploaddir . $filename)){
					return UPLOAD_FILE_HANDLING;
				}

				return UPLOAD_SUCCESS;

			} else {
				return UPLOAD_DATABASE;
			}

		} else {
			return UPLOAD_MOVING;
		}
	} else {

		$dupl_db = $db->query("SELECT parent FROM files WHERE hash='" . $filehash . "';");

		while($row = $dupl_db->fetchArray(SQLITE3_NUM)){
			if($row[0] == $parentdir){
				return UPLOAD_DUPLICATE;
			}
		}
		
		if(!database_upload($db, $parentdir, $owner, $filename, $folder, $mime, $size, $share, $filehash)){
			return UPLOAD_DATABASE;
		}

		if(!unlink($_FILES['userfile']['tmp_name'])){
			return UPLOAD_FILE_HANDLING;
		}

		return UPLOAD_SUCCESS;
	}
}

//not used atm

//function web_upload($db){
//	$url = $_POST["url"]; 
//	if(preg_match("/^((https?|ftp)?://|www\.|ftp\.)?([-a-z0-9+&@#/%?=~_|!:,.;]+\.)+[a-z]{2}[a-z]*/i", $url)){
//		echo "hyperlink detected";
//	} else {
//		echo "no hyperlink";
//	}
//}