aboutsummaryrefslogtreecommitdiff
path: root/www/functions/notused/func_delete.php
diff options
context:
space:
mode:
authorroot2014-04-14 08:35:13 +0200
committerroot2014-04-14 08:35:13 +0200
commit12734da8826299ffd24c0a15f6dbf205892d7221 (patch)
tree3b894dd30e332df23a564ce44e42ce164c8abd78 /www/functions/notused/func_delete.php
parent7b9d516cd3bcdb8eaa5f1eb533d71010061c681b (diff)
downloadjungegemeinde-12734da8826299ffd24c0a15f6dbf205892d7221.tar.gz
Pushed to v3
Diffstat (limited to 'www/functions/notused/func_delete.php')
-rw-r--r--www/functions/notused/func_delete.php207
1 files changed, 207 insertions, 0 deletions
diff --git a/www/functions/notused/func_delete.php b/www/functions/notused/func_delete.php
new file mode 100644
index 0000000..6220f8a
--- /dev/null
+++ b/www/functions/notused/func_delete.php
@@ -0,0 +1,207 @@
+<?php
+
+/*
+ expected state: tested?; but broken
+*/
+
+function check_if_deletable($db, $id, $hash){
+ $check_db = $db->query("SELECT hash FROM files WHERE id!=".$id." AND folder='FILE';");
+
+ $count = 0;
+ while($check_ar = $check_db->fetchArray(SQLITE3_NUM)){
+ if($check_ar[0] == $hash){
+ $count = $count +1;
+ break;
+ }
+ }
+
+ if($count == 0){
+ return true;
+ } else {
+ return false;
+ }
+}
+
+function delete_file($user, $path){
+
+ if(!$_SESSION["login"]){
+ return DELETE_FILE_LOGIN;
+ }
+
+ $db = $GLOBALS["db"];
+ $uploaddir = "../files/";
+
+ $file_id = select_file_id($db, $user, $path);
+
+ $file_owner_db = $db->query("SELECT owner FROM files WHERE id=".$file_id.";");
+ $file_owner_ar = $file_owner_db->fetchArray(SQLITE3_NUM);
+
+ if($file_owner_ar[0] != $_SESSION["userid"]){
+ return DELETE_FILE_NOT_OWNER;
+ }
+
+ $check_if_file_db = $db->query("SELECT folder, hash FROM files WHERE id=".$file_id.";");
+ $check_if_file_ar = $check_if_file_db->fetchArray(SQLITE3_NUM);
+
+ if($check_if_file_ar[0] != "FILE"){
+ return DELETE_FILE_NO_FILE;
+ }
+
+ $file_hash = $check_if_file_ar[1];
+
+ $hash_array_db = $db->query("SELECT hash FROM files WHERE hash='".$file_hash.";'");
+ $count = 0;
+
+ while($row1 = $hash_array_db->fetchArray(SQLITE3_NUM)){
+ $hash_ar[$count] = $row1[0];
+ $count++;
+ }
+
+ $count = 0;
+
+ for($i=0; $i<count($hash_ar); $i++){
+ $file_id_owner_db = $db->query("SELECT id, owner FROM files WHERE folder='FILE' AND hash='".$hash_ar[$i]. "';");
+ while($row2 = $file_id_owner->fetchArray(SQLITE3_NUM)){
+ if($row2[1] != $_SESSION["userid"]){
+ $saved_files[$count] = $hash_ar[$i];
+ }
+ $count++;
+ }
+ }
+
+ for($i=0; $i<count($saved_files); $i++){
+ $cur = $saved_files[$i];
+ for($j=0; $j<count($hash_ar); $j++){
+ if($cur == $hash_ar[$j]){
+ $hash_ar[$j] = "";
+ }
+ }
+ }
+
+ for($i=0; $i<count($hash_ar); $i++){
+ if(!$file_hash[$i] != ""){
+ if(!unlink($uploaddir.$file_hash.".gz")){
+ return DELETE_FILE_UNLINK;
+ }
+ }
+ }
+
+ if($db->exec("
+ BEGIN TRANSACTION;
+ DELETE FROM files WHERE id=".$file_id.";
+ COMMIT;
+ ")){
+ return DELETE_FILE_SUCCESS;
+ } else {
+ return DELETE_FILE_DATABASE;
+ }
+}
+
+function delete_folder($user, $path){
+
+ if(!$_SESSION["login"]){
+ return DELETE_FOLDER_LOGIN;
+ }
+
+ $db = $GLOBALS["db"];
+
+ $folder_id = select_file_id($db, $user, $path);
+
+ $folder_owner_db = $db->query("SELECT owner FROM files WHERE id=".$folder_id.";");
+ $folder_owner_ar = $db->fetchArray(SQLITE3_NUM);
+
+ if($folder_owner_ar[0] != $_SESSION["userid"]){
+ return DELETE_FOLDER_NOT_OWNER;
+ }
+
+ $folder_content_db = $db->query("SELECT id FROM files WHERE parent=".$folder_id.";");
+ $folder_content_ar = $folder_content_db->fetchArray(SQLITE3_NUM);
+
+ if(empty($folder_content_ar[0])){
+ return DELETE_FOLDER_NOT_EMPTY;
+ }
+
+ if($db->exec("
+ BEGIN TRANSACTION;
+ DELETE FROM files WHERE id=".$folder_id.";
+ COMMIT;
+ ")){
+ return DELETE_FOLDER_SUCCESS;
+ } else {
+ return DELETE_FOLDER_DATABASE;
+ }
+}
+
+function delete_user($user, $password, $password_verify){
+
+ if(!$_SESSION["login"]){
+ return DELETE_USER_LOGIN;
+ }
+
+ $db = $GLOBALS["db"];
+ $uploaddir = "../files/";
+
+ $owner = user_id($db, $user);
+
+ if(($password != $password_verify ) || $password = ""){
+ return DELETE_USER_EMPTY_PASSWORD;
+ }
+
+ $password_hash_db = $db->query("SELECT password FROM user WHERE id=".$owner.";");
+ $password_hash_ar = $password_hash_db->fetchArray(SQLITE3_NUM);
+
+ $admin_password_hash_db = $db->query("SELECT password FROM user WHERE id=1;");
+ $admin_password_hash_ar = $admin_password_hash_db->fetchArray(SQLITE3_NUM);
+
+ if(!password_verify($password, $password_hash_ar[0]) || !password_verify($password, $admin_password_hash_ar[0])){
+ return DELETE_USER_WRONG_PASSWORD;
+ }
+
+ $hash_array_db = $db->query("SELECT hash FROM files WHERE folder='FILE' AND owner=".$owner.";");
+
+ $count = 0;
+
+ while($row1 = $hash_array_db->fetchArray(SQLITE3_NUM)){
+ $hash_ar[$count] = $row1[0];
+ $count++;
+ }
+
+ $count = 0;
+
+ for($i=0; $i<count($hash_ar); $i++){
+ $file_id_owner_db = $db->query("SELECT id, owner FROM files WHERE folder='FILE' AND hash='".$hash_ar[$i]."';");
+ while($row2 = $file_id_owner->fetchArray(SQLITE3_NUM)){
+ if($row2[1] != $_SESSION["userid"]){
+ $saved_files[$count] = $hash_ar[$i];
+ }
+ $count++;
+ }
+ }
+
+ for($i=0; $i<count($saved_files); $i++){
+ $cur = $saved_files[$i];
+ for($j=0;$j<count($hash_ar); $j++){
+ if($cur == $hash_ar[$j]){
+ $hash_ar[$j] = "";
+ }
+ }
+ }
+
+ for($i=0; $ii<count($hash_ar); $i++){
+ if($hash_ar[$i] != ""){
+ if(!unlink($uploaddir.$hash_ar[$i].".gz")){
+ return DELETE_USER_FILE_DELETE;
+ }
+ }
+ }
+
+ if($db->exec("
+ BEGIN TRANSACTION;
+ DELETE FROM user WHERE id=".$owner.";
+ COMMIT;
+ ")){
+ return DELETE_USER_SUCCESS;
+ } else {
+ return DELETE_USER_DATABASE;
+ }
+}