Diffstat (limited to 'www/functions/notused')
| -rwxr-xr-x | www/functions/notused/func_content.php | 121 | ||||
| -rw-r--r-- | www/functions/notused/func_delete.php | 207 | ||||
| -rw-r--r-- | www/functions/notused/func_download.php | 123 | ||||
| -rw-r--r-- | www/functions/notused/func_folder.php | 162 | ||||
| -rwxr-xr-x | www/functions/notused/func_invite.php | 62 | ||||
| -rwxr-xr-x | www/functions/notused/func_rewrite.php | 30 | ||||
| -rwxr-xr-x | www/functions/notused/func_select.php | 62 | ||||
| -rwxr-xr-x | www/functions/notused/func_upload.php | 192 |
8 files changed, 959 insertions, 0 deletions
diff --git a/www/functions/notused/func_content.php b/www/functions/notused/func_content.php
new file mode 100755
index 0000000..ad0c87e
--- /dev/null
+++ b/www/functions/notused/func_content.php
@@ -0,0 +1,121 @@ +<?php + +function collect_content($db,$username, $folder_path){ + $owner = user_id($db, $username); + + if(!$owner){ + failure("This user doesn't exist!"); + } + + $file_id = select_file_id($db, $owner, $folder_path); + + if(!$file_id){ + return FILE_NOT_FOUND; + } + + $content = get_content($db, $file_id, $owner); + + if(!$content){ + return EMPTY_FOLDER; + } + + return $content; +} + +function get_content($db, $file_id, $owner){ + + if($_SESSION["login"] && $_SESSION["userid"] == $owner){ + $share=""; + } else { + $share =" AND share='PUBLIC'"; + } + + $content_db = $db->query("SELECT * FROM files WHERE parent=" . $file_id . " AND owner=" . $owner . $share . " ORDER BY folder, name;"); + + $count=0; + + while($row = $content_db->fetchArray(SQLITE3_NUM)){ + $content[$count][0] = $row[0]; + $content[$count][1] = $row[1]; + $content[$count][2] = $row[2]; + $content[$count][3] = $row[3]; + $content[$count][4] = $row[4]; + $content[$count][5] = $row[5]; + $content[$count][6] = $row[6]; + $content[$count][7] = $row[7]; + $content[$count][8] = $row[8]; + $count++; + } + + if(!empty($content)){ + return $content; // returns everything listed in the folder which is commited as parameter + } else { + return false; // empty folder + } +} + +function get_path_to_wrong_folder($db, $username, $folder_path){ + + $owner = user_id($db, $username); + + if($_SESSION["login"] && $_SESSION["userid"] == $owner){ + $share = ""; + } else { + $share =" AND share='PUBLIC'"; + } + + $folder_array_unsafe = explode("/",$folder_path); + $length = count($folder_array_unsafe); + + $root_db = $db->query("SELECT id FROM files WHERE parent=0 AND owner=" . SQLite3::escapeString($owner) . " AND folder='DIRECTORY' " . $share . 
";"); + $root_ar = $root_db->fetchArray(SQLITE3_NUM); + $root_id = $root_ar[0]; + + if(empty($root_id)){ + return FOLDER_NOT_PUBLIC; + } + + $parentdir = $root_id; + + for($i=0; $i<$length; $i++){ + $parentdir_db = $db->query("SELECT id, parent FROM files WHERE owner=" . $owner . $share . " AND parent=". $parentdir . " AND name='" . SQLite3::escapeString($folder_array_unsafe[$i]) . "';"); + $prim_id = $parentdir_db->fetchArray(SQLITE3_NUM); + + if($parentdir != $prim_id[1]){ + $wrong_folder = $folder_array_unsafe[$i]; + $working_path[0] = $wrong_folder; + + for($j=0; $j<$i; $j++){ + $working_path[$j] = $folder_array_unsafe[$j]; + } + + $lwp = count($working_path); + $working_path[$lwp] = $wrong_folder; + + if($i == 0){ + $working_path[0] = ""; // shows just the root slash + } + + return $working_path; // returns working path and wrong folder as an array + } + + $parentdir = $prim_id[0]; + + } + + return false; +} + +function print_wrong_folder($content){ + + $length = count($content); + + $wrong_folder = $content[$length-1]; + $working_path[0] = $wrong_folder; // initialize empty array + + for($i=0; $i<$length-1; $i++){ + $working_path[$i] = $content[$i]; + } + + get_404($working_path, $wrong_folder); +} diff --git a/www/functions/notused/func_delete.php b/www/functions/notused/func_delete.php new file mode 100644 index 0000000..6220f8a --- /dev/null +++ b/www/functions/notused/func_delete.php 
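Review bot: `get_content()` and `get_path_to_wrong_folder()` in func_content.php build their queries by concatenating `$file_id`, `$owner` and `$parentdir` as bare numbers, and `SQLite3::escapeString($owner)` only doubles single quotes, so it does nothing for a value that sits outside a quoted literal. Bind the values instead of splicing them, as in the excerpt below for `get_content()`; the `$share` fragment can stay concatenated because it is one of two fixed strings. The same pattern recurs in the other files of this commit and is most exposed in `database_upload()` / `database_upload_update()` in func_upload.php, where the client-supplied file name and MIME type go into quoted literals with no escaping inside a multi-statement `exec()`. `$content` should also be initialised to `array()` before the loop rather than relying on `empty()` over an undefined variable.

```php
function get_content($db, $file_id, $owner){
    // … unchanged: $share selection from the session …

    $stmt = $db->prepare("SELECT * FROM files WHERE parent=:parent AND owner=:owner" . $share . " ORDER BY folder, name;");
    $stmt->bindValue(":parent", $file_id, SQLITE3_INTEGER);
    $stmt->bindValue(":owner", $owner, SQLITE3_INTEGER);
    $content_db = $stmt->execute();

    $content = array();
    // … unchanged: row-copy loop and empty-folder check …
```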
@@ -0,0 +1,207 @@ +<?php + +/* + expected state: tested?; but broken +*/ + +function check_if_deletable($db, $id, $hash){ + $check_db = $db->query("SELECT hash FROM files WHERE id!=".$id." AND folder='FILE';"); + + $count = 0; + while($check_ar = $check_db->fetchArray(SQLITE3_NUM)){ + if($check_ar[0] == $hash){ + $count = $count +1; + break; + } + } + + if($count == 0){ + return true; + } else { + return false; + } +} + +function delete_file($user, $path){ + + if(!$_SESSION["login"]){ + return DELETE_FILE_LOGIN; + } + + $db = $GLOBALS["db"]; + $uploaddir = "../files/"; + + $file_id = select_file_id($db, $user, $path); + + $file_owner_db = $db->query("SELECT owner FROM files WHERE id=".$file_id.";"); + $file_owner_ar = $file_owner_db->fetchArray(SQLITE3_NUM); + + if($file_owner_ar[0] != $_SESSION["userid"]){ + return DELETE_FILE_NOT_OWNER; + } + + $check_if_file_db = $db->query("SELECT folder, hash FROM files WHERE id=".$file_id.";"); + $check_if_file_ar = $check_if_file_db->fetchArray(SQLITE3_NUM); + + if($check_if_file_ar[0] != "FILE"){ + return DELETE_FILE_NO_FILE; + } + + $file_hash = $check_if_file_ar[1]; + + $hash_array_db = $db->query("SELECT hash FROM files WHERE hash='".$file_hash.";'"); + $count = 0; + + while($row1 = $hash_array_db->fetchArray(SQLITE3_NUM)){ + $hash_ar[$count] = $row1[0]; + $count++; + } + + $count = 0; + + for($i=0; $i<count($hash_ar); $i++){ + $file_id_owner_db = $db->query("SELECT id, owner FROM files WHERE folder='FILE' AND hash='".$hash_ar[$i]. 
"';"); + while($row2 = $file_id_owner->fetchArray(SQLITE3_NUM)){ + if($row2[1] != $_SESSION["userid"]){ + $saved_files[$count] = $hash_ar[$i]; + } + $count++; + } + } + + for($i=0; $i<count($saved_files); $i++){ + $cur = $saved_files[$i]; + for($j=0; $j<count($hash_ar); $j++){ + if($cur == $hash_ar[$j]){ + $hash_ar[$j] = ""; + } + } + } + + for($i=0; $i<count($hash_ar); $i++){ + if(!$file_hash[$i] != ""){ + if(!unlink($uploaddir.$file_hash.".gz")){ + return DELETE_FILE_UNLINK; + } + } + } + + if($db->exec(" + BEGIN TRANSACTION; + DELETE FROM files WHERE id=".$file_id."; + COMMIT; + ")){ + return DELETE_FILE_SUCCESS; + } else { + return DELETE_FILE_DATABASE; + } +} + +function delete_folder($user, $path){ + + if(!$_SESSION["login"]){ + return DELETE_FOLDER_LOGIN; + } + + $db = $GLOBALS["db"]; + + $folder_id = select_file_id($db, $user, $path); + + $folder_owner_db = $db->query("SELECT owner FROM files WHERE id=".$folder_id.";"); + $folder_owner_ar = $db->fetchArray(SQLITE3_NUM); + + if($folder_owner_ar[0] != $_SESSION["userid"]){ + return DELETE_FOLDER_NOT_OWNER; + } + + $folder_content_db = $db->query("SELECT id FROM files WHERE parent=".$folder_id.";"); + $folder_content_ar = $folder_content_db->fetchArray(SQLITE3_NUM); + + if(empty($folder_content_ar[0])){ + return DELETE_FOLDER_NOT_EMPTY; + } + + if($db->exec(" + BEGIN TRANSACTION; + DELETE FROM files WHERE id=".$folder_id."; + COMMIT; + ")){ + return DELETE_FOLDER_SUCCESS; + } else { + return DELETE_FOLDER_DATABASE; + } +} + +function delete_user($user, $password, $password_verify){ + + if(!$_SESSION["login"]){ + return DELETE_USER_LOGIN; + } + + $db = $GLOBALS["db"]; + $uploaddir = "../files/"; + + $owner = user_id($db, $user); + + if(($password != $password_verify ) || $password = ""){ + return DELETE_USER_EMPTY_PASSWORD; + } + + $password_hash_db = $db->query("SELECT password FROM user WHERE id=".$owner.";"); + $password_hash_ar = $password_hash_db->fetchArray(SQLITE3_NUM); + + $admin_password_hash_db = 
$db->query("SELECT password FROM user WHERE id=1;"); + $admin_password_hash_ar = $admin_password_hash_db->fetchArray(SQLITE3_NUM); + + if(!password_verify($password, $password_hash_ar[0]) || !password_verify($password, $admin_password_hash_ar[0])){ + return DELETE_USER_WRONG_PASSWORD; + } + + $hash_array_db = $db->query("SELECT hash FROM files WHERE folder='FILE' AND owner=".$owner.";"); + + $count = 0; + + while($row1 = $hash_array_db->fetchArray(SQLITE3_NUM)){ + $hash_ar[$count] = $row1[0]; + $count++; + } + + $count = 0; + + for($i=0; $i<count($hash_ar); $i++){ + $file_id_owner_db = $db->query("SELECT id, owner FROM files WHERE folder='FILE' AND hash='".$hash_ar[$i]."';"); + while($row2 = $file_id_owner->fetchArray(SQLITE3_NUM)){ + if($row2[1] != $_SESSION["userid"]){ + $saved_files[$count] = $hash_ar[$i]; + } + $count++; + } + } + + for($i=0; $i<count($saved_files); $i++){ + $cur = $saved_files[$i]; + for($j=0;$j<count($hash_ar); $j++){ + if($cur == $hash_ar[$j]){ + $hash_ar[$j] = ""; + } + } + } + + for($i=0; $ii<count($hash_ar); $i++){ + if($hash_ar[$i] != ""){ + if(!unlink($uploaddir.$hash_ar[$i].".gz")){ + return DELETE_USER_FILE_DELETE; + } + } + } + + if($db->exec(" + BEGIN TRANSACTION; + DELETE FROM user WHERE id=".$owner."; + COMMIT; + ")){ + return DELETE_USER_SUCCESS; + } else { + return DELETE_USER_DATABASE; + } +} diff --git a/www/functions/notused/func_download.php b/www/functions/notused/func_download.php new file mode 100644 index 0000000..26b25b1 --- /dev/null +++ b/www/functions/notused/func_download.php 
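Review bot: In `delete_user()` the guard `($password != $password_verify ) || $password = ""` assigns an empty string instead of comparing, so `password_verify()` is later called with a blanked password, and the `||` between the two verify calls rejects the request unless the password matches both the user's and the admin's hash. It should read `if($password !== $password_verify || $password === ""){`, and the verify line should join its two checks with `&&`. The shared-blob scan in `delete_user()` compares `$row2[1]` with `$_SESSION["userid"]` rather than `$owner`, so when the session user is not the account being deleted the keep/unlink decision is made against the wrong id. The header comment already marks this file as broken, and the visible slips back that up: `$file_id_owner` is read where `$file_id_owner_db` was assigned, `$ii` appears in a loop condition, `delete_folder()` calls `$db->fetchArray()` on the connection, and its `empty()` test returns `DELETE_FOLDER_NOT_EMPTY` for a folder with no children.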
@@ -0,0 +1,123 @@ +<?php + +/* + Expected state: tested, should work. +*/ + +function check_if_file($db, $name, $folder_path){ + + $owner = user_id($db, $name); + + $file_id = select_file_id($db, $owner, $folder_path); + + if($file_id){ + $check_if_file_db = $db->query("SELECT folder FROM files WHERE id=".$file_id.";"); + $check_if_file_ar = $check_if_file_db->fetchArray(SQLITE3_NUM); + + if($check_if_file_ar[0] == "FILE"){ + return true; + } else { + return false; + } + } else { + //$content = get_path_to_empty_folder($db, $name, $folder_path); + //print_empty_folder($content); + //get_404("/", "Protected file"); + return false; + } +} + +function start_file_download($user, $path){ + + $db = $GLOBALS["db"]; + + $owner = user_id($db, $user); + + $file_id = select_file_id($db, $owner, $path); + + $file_db = $db->query("SELECT owner, share FROM files WHERE id=" . $file_id . ";"); + $file_ar = $file_db->fetchArray(SQLITE3_NUM); + $file_owner = $file_ar[0]; + $share = $file_ar[1]; + + if($_SESSION["login"] && ($_SESSION["userid"] == $file_owner)){ + if(download_file($db, $file_id)){ + return true; + } else { + return false; + } + } else { + if($share != "PUBLIC"){ + return false; + } + + if(download_file($db, $file_id)){ + return true; + } else { + return false; + } + } +} + +function check_file_hash($db, $file_id, $download_hash){ + if(preg_match("/[^0-9]/", $file_id)){ + return DOWNLOAD_FALSE_ID; + } + + $check_hash_db = $db->query("SELECT owner, folder, share, download_link FROM files WHERE id=" . 
SQLite3::escapeString($file_id).";"); + $check_hash_ar = $check_hash_db->fetchArray(SQLITE3_NUM); + + if($check_hash_ar[1] != "FILE"){ + return DOWNLOAD_NOT_FILE; + } + + if($check_hash_ar[2] != "PUBLIC"){ + if($_SESSION["userid"] != $check_hash_ar[0]){ + if($check_hash_ar[3] != $download_hash){ + return DOWNLOAD_PRIVATE_FILE; + } + } + } + + if(!download_file($db, $file_id)){ + return false; + } else { + return true; + } + +} + +function download_file($db, $file_id){ + + $file_db = $db->query("SELECT name, mime, size, hash FROM files WHERE id=". SQLite3::escapeString($file_id).";"); + $file_ar = $file_db->fetchArray(SQLITE3_NUM); + + $file_name = $file_ar[0]; + $file_mime = $file_ar[1]; + $file_size = $file_ar[2]; + $file_hash = $file_ar[3]; + + $uploaddir = "../files/"; + $gzip_file = $uploaddir . $file_hash . ".gz"; + +//TODO: buffer output, print if reading == true + + header("Content-Type: ".$file_mime); + + if(!preg_match("/^image\/.+/", $file_mime)){ + header("Content-Disposition: attachment; filename=\"".$file_name."\""); + } else { + header("filename=".$file_name.""); + } + header("Content-Length: ".$file_size); + set_time_limit(0); + $uncompressed_file = readgzfile($gzip_file); + + if($uncompressed_file){ + return true; + } else { + return false; + } + + +} diff --git a/www/functions/notused/func_folder.php b/www/functions/notused/func_folder.php new file mode 100644 index 0000000..044fd8e --- /dev/null +++ b/www/functions/notused/func_folder.php 
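Review bot: In `check_file_hash()` the private-file branch tests `$check_hash_ar[3] != $download_hash`, a loose comparison that treats a NULL or empty stored `download_link` as equal to an empty supplied value; the INSERT in func_upload.php does not set that column, so this presumably holds for every file that never had a link generated. Require a non-empty stored link and compare in constant time: `if(empty($check_hash_ar[3]) || !is_string($download_hash) || !hash_equals($check_hash_ar[3], $download_hash)){`. The owner test just above reads `$_SESSION["userid"]` without first checking `$_SESSION["login"]`, unlike `start_file_download()`. In `download_file()` any stored type matching `image/` is sent without `Content-Disposition: attachment`, and that type is whatever the uploader declared, so a type such as `image/svg+xml` would be rendered inline from this origin; an allow-list of raster types plus `X-Content-Type-Options: nosniff` is the safer default.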
@@ -0,0 +1,162 @@ +<?php + +function database_mkdir($db, $file_id, $new_folder_name, $share){ + if($db->exec(" + BEGIN TRANSACTION; + INSERT INTO files (id, parent, owner, name, folder, size, share, hash) VALUES (Null, " . $file_id . ", " . $_SESSION['userid'] . ", '" . SQLite3::escapeString($new_folder_name) . "', 'DIRECTORY', 0, '" . SQLite3::escapeString($share) . "', ''); + COMMIT; + ")){ + return true; + } else { + return false; + } +} + +function create_folder($path, $new_folder_name, $share){ + + $db = $GLOBALS["db"]; + + if(!$_SESSION["login"]){ + return MKDIR_LOGIN; + } + + $file_id = select_file_id($db, $_SESSION["userid"], $path); + + $owner_db = $db->query("SELECT owner FROM files WHERE id=" . SQLite3::escapeString($file_id) . ";"); + $owner_ar = $owner_db->fetchArray(SQLITE3_NUM); + + if($owner_ar[0] != $_SESSION["userid"]){ + return MKDIR_OWNER; + } + + //TODO: Cut trailing or leading slash + //TODO: Maye create two folders instead of returning an error? + if(preg_match("/\//", $new_folder_name)){ + return SLASH_IN_FOLDER_NAME; + } + + $dupl_db = $db->query("SELECT parent FROM files WHERE name='" . SQLite3::escapeString($new_folder_name) . 
"' AND owner=".$_SESSION["userid"].";"); + while($dupl_ar = $dupl_db->fetchArray(SQLITE3_NUM)){ + if($dupl_ar[0] == $file_id){ + return MKDIR_DUPLICATE; + } + } + + if(database_mkdir($db, $file_id, $new_folder_name, $share)){ + return MKDIR_SUCCESS; + } else { + return MKDIR_DATABASE; + } +} + +function move_folder($old_path, $new_path){ + + if(!$_SESSION["login"]){ + return NOT_LOGED_IN; + } + + $db = $GLOBALS["db"]; + $old_file_id = select_file_id($db, $_SESSION["userid"], $old_path); + $new_file_id = select_file_id($db, $_SESSION["userid"], $new_path); + + $old_folder_owner_db = $db->query("SELECT owner FROM files WHERE id=".$old_file_id.";"); + $old_folder_owner_ar = $old_folder_owner_db->fetchArray(SQLITE3_NUM); + + if($_SESSION["userid"] != $old_folder_owner_ar[0]){ + return MV_OLD_FOLDER_NOT_OWNER; + } + + if(!$new_file_id){ + return MV_FOLDER_TARGET_NOT_EXIST; + } + + $new_folder_owner_db = $db->query("SELECT owner FROM files WHERE id=".$new_file_id.";"); + $new_folder_owner_ar = $new_folder_owner_db->fetchArray(SQLITE3_NUM); + + if($_SESSION["userid"] != $new_folder_owner_ar[0]){ + return MV_NEW_FOLDER_NOT_OWNER; } + + if($db->exec(" + BEGIN TRANSACTION; + UPDATE files SET parent=".$new_file_id." WHERE id=".$old_file_id."; + COMMIT; + ")){ + return MV_FOLDER_SUCCESS; + } else { + return MV_FOLDER_DATABASE; + } +} + +function rename_folder($path, $new_name){ + if(!$_SESSION["login"]){ + return NOT_LOGED_IN; + } + + $db = $GLOBALS["db"]; + + $file_id = select_file_id($db, $_SESSION["username"], $path); + + $folder_owner_db = $db->query("SELECT owner FROM fiiles where id=".$file_id.";"); + $folder_owner_ar = $folder_owner_db->fetchArray(SQLITE3_NUM); + + if($folder_owner_ar[0] != $_SESSION["userid"]){ + return FOLDER_NOT_OWNER; + } + + if(preg_match("/\//", $new_name)){ + return SLASH_IN_FOLDER_NAME; + } + + $dupl_db = $db->query("SELECT parent FROM files WHERE name='" . SQLite3::escapeString($new_name) . 
"' AND owner=".$_SESSION["userid"].";"); + while($dupl_ar = $dupl_db->fetchArray(SQLITE3_NUM)){ + if($dupl_ar[0] == $file_id){ + return MKDIR_DUPLICATE; + } + } + + if($db->exec(" + BEGIN TRANSACTION; + UPDATE files SET name='".SQLite3::escapeString($new_name)."' WHERE id=".$file_id."; + COMMIT; + ")){ + return true; + } else { + return DATABASE; + } +} + +function generate_download_link($file_id){ + + if(!$_SESSION["login"]){ + return NOT_LOGED_IN; + } + + $db = $GLOBALS["db"]; + + $folder_owner_db = $db->query("SELECT owner FROM files where id=".$file_id.";"); + $folder_owner_ar = $folder_owner_db->fetchArray(SQLITE3_NUM); + + if($folder_owner_ar[0] != $_SESSION["userid"]){ + return FOLDER_NOT_OWNER; + } + + $key_array = array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "_", "-", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9" ); + + $length = count($key_array); + $key = ""; + + for ($i=0;$i<21;$i++){ + $index = mt_rand(0,$length-1); + $key = $key.$key_array[$index]; + } + + if($db->exec(" + BEGIN TRANSACTION; + UPDATE files SET download_link='".$key."' WHERE id=".$file_id."; + COMMIT; + ")){ + return $key; + } else { + return DATABASE; + } +} diff --git a/www/functions/notused/func_invite.php b/www/functions/notused/func_invite.php new file mode 100755 index 0000000..d7613d5 --- /dev/null +++ b/www/functions/notused/func_invite.php 
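Review bot: `generate_download_link()` draws its 21-character key with `mt_rand()`, which is not a cryptographic generator, yet that key is what `check_file_hash()` accepts in place of ownership for a private file. Use `$index = random_int(0, $length-1);` (PHP 7+; on older runtimes derive the key from `openssl_random_pseudo_bytes()`), and make the same change to the 11-character invite key in `invite()` in func_invite.php. `$file_id` also goes into both statements of `generate_download_link()` unvalidated; a digits-only test like the `preg_match("/[^0-9]/", $file_id)` in `check_file_hash()`, or a bound parameter, would close that. Separately, `rename_folder()` queries a table spelled `fiiles` and passes `$_SESSION["username"]` to `select_file_id()` where the other callers pass the user id.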
@@ -0,0 +1,62 @@
+<?php
+function invite($db){
+
+ $name=$_SESSION["username"];
+ $safe_name = SQLite3::escapeString("$name");
+
+ $email=$_POST["email"];
+ $safe_email=SQLite3::escapeString("$email");
+
+ $invite_db = $db->query("SELECT invites FROM user WHERE name='" . $safe_name . "';");
+ $invite_ar = $invite_db->fetchArray(SQLITE3_NUM);
+ $invite = $invite_ar[0];
+
+ if($invite <= 0){
+ return INVITE_INVITES;
+ }
+
+ $email_db = $db->query("Select 1 FROM user WHERE email='" . $safe_email . "';");
+ $email_ar = $email_db->fetchArray(SQLITE3_NUM);
+
+ if($email_ar[0] == 1){
+ return INVITE_USEREXISTS;
+ }
+
+ /*Generates the invite key => [-_0-9a-zA-Z]{11}*/
+
+ $key_array = array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "_", "-", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9" );
+
+ $length = count($key_array);
+ $key = "";
+
+ for ($i=0;$i<11;$i++){
+ $index = mt_rand(0,$length-1);
+ $key = "$key".$key_array[$index];
+ }
+
+ $id_db = $db->query("SELECT id FROM USER WHERE name='" . $safe_name . "';");
+ $id_ar = $id_db->fetchArray(SQLITE3_NUM);
+ $id = $id_ar[0];
+
+ /*Generates the new user and decrease the invites*/
+
+ $invite = $invite-1;
+
+ if($db->exec("
+ BEGIN TRANSACTION;
+ INSERT INTO user (id, name, email, senpai, key, status) VALUES (NULL, NULL, '" . $safe_email . "', '" . $id . "', '" . $key . "', 0);
+ UPDATE user SET invites='" . $invite . "' WHERE id='" . $id . "';
+ COMMIT;")
+ ){
+
+ $subject="Welcome, you were invited to the new virtual filesystem.\nYour key is " . $key . "\nVisit files.iamfabulous.de/register to complete your registration.";
+
+ // Doesn't work with GMX or Web.de atm.
+ mail($email, "Invite", $subject, "From: mail@iamfabulous.de");
+
+ return INVITE_SUCCESSFULL;
+
+ } else {
+ return INVITE_DATABASE;
+ }
+}
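Review bot: `invite()` passes `$_POST["email"]` into the INSERT and into `mail()` as the recipient with no format check, and it never tests `$_SESSION["login"]` before reading `$_SESSION["username"]`. Add the session guard the other functions in this commit use, and reject anything that fails `filter_var($email, FILTER_VALIDATE_EMAIL)` before the first query. The invite counter is read, decremented in PHP and written back, so two concurrent requests can spend the same invite; `UPDATE user SET invites = invites - 1 WHERE id = :id AND invites > 0` inside the transaction, followed by a check of `$db->changes()`, makes the decrement atomic. The id lookup spells the table `USER` while the other statements use `user`; SQLite resolves both, but one spelling is easier to grep.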
diff --git a/www/functions/notused/func_rewrite.php b/www/functions/notused/func_rewrite.php
new file mode 100755
index 0000000..0a123d6
--- /dev/null
+++ b/www/functions/notused/func_rewrite.php
@@ -0,0 +1,30 @@
+<?php
+function rewrite($db){
+
+ /* test if first argument a username or folder */
+
+ $name = user_id($db, $_GET["name"]);
+
+ if($name == ""){
+
+ /* if first argument wasn't valid, rewrite the URL to include the username */
+
+ $folder = $_GET["folder"];
+
+ if(preg_match("/\/$/", $_GET["folder"])){
+ $folder = substr($_GET["folder"], 0, -1);
+ }
+
+ if($_SESSION["login"]){
+ $scheme = $GLOBALS["scheme"];
+ header("Refresh: 0; ".$scheme.$_SERVER["HTTP_HOST"]."/" . $_SESSION['username'] . "/" . $_GET["name"] . "/" . $folder . "");
+ exit;
+ }
+
+ return false;
+
+ } else {
+ return true;
+ }
+}
+
diff --git a/www/functions/notused/func_select.php b/www/functions/notused/func_select.php
new file mode 100755
index 0000000..9f10cd6
--- /dev/null
+++ b/www/functions/notused/func_select.php
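Review bot: The redirect in `rewrite()` (func_rewrite.php) is assembled from `$_SERVER["HTTP_HOST"]`, `$_GET["name"]` and `$_GET["folder"]`, all of which the client supplies, so both the host and the path of the redirect target are decided by the request. Build the URL from a configured host name and pass each path segment through `rawurlencode()`. The header value is also missing the `url=` token that `Refresh` expects, so `header("Location: " . $url);` is the more reliable form. `$_GET["name"]` and `$_GET["folder"]` are read without an `isset()` check, which raises notices on requests that omit them.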
@@ -0,0 +1,62 @@
+<?php
+function select_file_id($db, $owner, $folder_path){
+
+ if($_SESSION["login"] && $_SESSION["userid"] == $owner){ // TODO: Check if loged in user really the user who does the query - fix 12.3.14
+ $share=""; // to print all files, even hidden ones
+ } else {
+ $share =" AND share='PUBLIC'"; // just use files with the correct permissions
+ }
+
+ $folder_array_unsafe = explode("/",$folder_path);
+
+ $root_db = $db->query("SELECT id FROM files WHERE parent=0 AND owner=" . SQLite3::escapeString($owner) . " AND folder='DIRECTORY' " . $share . ";");
+ $root_ar = $root_db->fetchArray(SQLITE3_NUM);
+ $root_id = $root_ar[0];
+ if(empty($root_ar[0])){
+ failure("Seems like the user doesn't want to show his tree: " . $root_id);
+ }
+
+ $tmp_length = count($folder_array_unsafe);
+
+ if(empty($folder_array_unsafe[$tmp_length-1])){
+ $length = $tmp_length-1;
+ } else {
+ $length = $tmp_length;
+ }
+
+ $parentdir = SQLite3::escapeString($root_id);
+
+ if(empty($folder_array_unsafe[0])){
+ return $root_id; // returns the primary key from the root dir
+ }
+
+ for($i=0; $i<$length; $i++){
+
+ $parentdir_db = $db->query("SELECT id, parent FROM files WHERE owner=" . $owner . $share . " AND parent=" . $parentdir . " AND name='" . SQLite3::escapeString($folder_array_unsafe[$i]) . "' COLLATE NOCASE;");
+
+ $prim_id = $parentdir_db->fetchArray(SQLITE3_NUM);
+
+
+ if($parentdir != $prim_id[1]){
+
+/*
+ $wrong_folder = $folder_array_unsafe[$i];
+ $working_path[0] = $wrong_folder;
+
+ for($j=0; $j<$i; $j++){
+ $working_path[$j] = $folder_array_unsafe[$j];
+ }
+
+ get_404($working_path, $wrong_folder);
+*/
+
+ return false;
+ }
+
+
+ $parentdir = $prim_id[0];
+ }
+
+ return $parentdir; // returns the primary key from the last entry in the folder array
+
+}
diff --git a/www/functions/notused/func_upload.php b/www/functions/notused/func_upload.php
new file mode 100755
index 0000000..31fe304
--- /dev/null
+++ b/www/functions/notused/func_upload.php
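Review bot: `select_file_id()` treats `$owner` as a numeric user id — it is compared with `$_SESSION["userid"]` and spliced unquoted into both queries — but nothing enforces that, and `rename_folder()` passes `$_SESSION["username"]` while `delete_file()` passes what looks like a user name as well. `SQLite3::escapeString()` gives no protection in an unquoted position, so normalise at the top with `$owner = (int)$owner;` (or bind the value) and document the parameter as the id returned by `user_id()`. With the cast in place, `(int)$_SESSION["userid"] === $owner` keeps PHP's loose-comparison rules from deciding who sees private entries. Neither `query()` result is checked before `fetchArray()`, so a failed query ends in a fatal error instead of the `false` that callers test for.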
@@ -0,0 +1,192 @@ +<?php + +function database_upload($db, $parentdir, $owner, $filename, $folder, $mime, $size, $share, $filehash){ + if($db->exec(" + BEGIN TRANSACTION; + INSERT INTO files (id, parent, owner, name, folder, mime, size, share, hash) VALUES (NULL, " . $parentdir . ", " . $owner . ", '" . $filename . "', '" . $folder . "', '" . $mime . "', '" . $size . "', '" . $share ."', '" . $filehash . "'); + COMMIT; + ")){ + return true; + } else { + return false; + } +} + +function database_upload_update($db, $id, $name, $mime, $size, $share, $filehash){ + if($db->exec(" + BEGIN TRANSACTION; + UPDATE files SET name='".$name."', mime='".$mime."', size='".$size."', share='".$share."', hash='".$filehash."' WHERE id=".$id."; + COMMIT; + ")){ + return true; + } else { + return false; + } +} + +function upload($path){ + + $db = $GLOBALS["db"]; + + set_time_limit(0); + + if(!$_SESSION["login"]){ + return UPLOAD_LOGIN; + } + + if($_FILES["userfile"]["error"] > 0 || !$_FILES['userfile']['size'] > 0 || empty($_FILES['userfile']['size'])){ + return UPLOAD_UPLOAD; + } + + $parentdir = select_file_id($db, $_SESSION["userid"], $path); + + $folder_owner_db = $db->query("SELECT owner FROM files WHERE id=".$parentdir.";"); + $folder_owner_ar = $folder_owner_db->fetchArray(SQLITE3_NUM); + + if($folder_owner_ar[0] != $_SESSION["userid"]){ + return UPLOAD_FOLDER_NOT_OWNER; + } + + $owner = $_SESSION["userid"]; + + $overall_size_db = $db->query("SELECT size FROM files WHERE owner=" . $owner . 
" AND size > 0;"); + $overall_size = 0; + while($row = $overall_size_db->fetchArray(SQLITE3_NUM)){ + $overall_size = $overall_size + $row[0]; + } + + if($overall_size > 2147483648){ // == 2GB + return UPLOAD_QUOTA; + } + + $filename = $_FILES['userfile']['name']; + + $folder = "FILE"; + $mime = $_FILES['userfile']['type']; + $size = $_FILES['userfile']['size']; + + if(isset($_POST["share"])){ + $share = "PUBLIC"; + } else { + $share = "PRIVATE"; + } + + $uploaddir = "../files/"; + + //$filehash = hash_file("md5", $uploaddir . $filename); + $filehash = hash_file("md5", $_FILES['userfile']['tmp_name']); + + $exists = false; + $check_if_filename_already_exists_db = $db->query("SELECT id, name FROM files WHERE parent=".$parentdir." AND folder='FILE'"); + + while($row = $check_if_filename_already_exists_db->fetchArray(SQLITE3_NUM)){ + if($row[1] == $filename){ + $fileid = $row[0]; + $exists = true; + break; + } + } + + $hashtest_db = $db->query("SELECT hash FROM files WHERE hash='" . $filehash ."';"); + $hashtest_ar = $hashtest_db->fetchArray(SQLITE3_NUM); + + /* new file was uploaded */ + if(empty($hashtest_ar[0])){ + + if(!move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir . $_FILES['userfile']['name'])){ + return UPLOAD_MOVING; + } + + /* checks if filename exists in the same directory */ + if($exists){ + $delete_file_db = $db->query("SELECT hash FROM files WHERE name='".$filename."' AND parent='".$parentdir."';"); + $delete_file_ar = $delete_file_db->fetchArray(SQLITE3_NUM); + + if(check_if_deletable($db, $fileid, $delete_file_ar[0])){ + + if(!unlink($uploaddir.$delete_file_ar[0].".gz")){ + return UPLOAD_FILE_HANDLING; + } + } + if(!database_upload_update($db, $fileid, $filename, $mime, $size, $share, $filehash)){ + return UPLOAD_DATABASE; + } + } else { + if(!database_upload($db, $parentdir, $owner, $filename, $folder, $mime, $size, $share, $filehash)){ + return UPLOAD_DATABASE; + } + } + + $gzfile = $uploaddir . $filehash . 
".gz"; + $fp = gzopen($gzfile, 'w9'); + + if(!gzwrite($fp, file_get_contents($uploaddir . $filename))){ + return UPLOAD_FILE_HANDLING; + } + + if(!gzclose($fp)){ + return UPLOAD_FILE_HANDLING; + } + + if(!unlink($uploaddir . $filename)){ + return UPLOAD_FILE_HANDLING; + } + + return UPLOAD_SUCCESS; + + /* new file already exists, only thing is a new entry in the database */ + } else { + + $dupl_db = $db->query("SELECT parent, mime, size, share, name FROM files WHERE hash='" . $filehash . "';"); + + while($row = $dupl_db->fetchArray(SQLITE3_NUM)){ + if($row[0] == $parentdir){ + if($mime == $row[1] && $size == $row[2] && $share == $row[3] && $filename == $row[4]){ + return UPLOAD_DUPLICATE; + } + } + } + + if($exists){ + $delete_file_db = $db->query("SELECT hash FROM files WHERE name='".$filename."' AND parent='".$parentdir."';"); + $delete_file_ar = $delete_file_db->fetchArray(SQLITE3_NUM); + + if(check_if_deletable($db, $fileid, $delete_file_ar[0])){ + if(!unlink($uploaddir.$delete_file_ar[0].".gz")){ + return UPLOAD_FILE_HANDLING; + } + } + if(!database_upload_update($db, $fileid, $filename, $mime, $size, $share, $filehash)){ + return UPLOAD_DATABASE; + } + } else { + if(!database_upload($db, $parentdir, $owner, $filename, $folder, $mime, $size, $share, $filehash)){ + return UPLOAD_DATABASE; + } + } + + if(!unlink($_FILES['userfile']['tmp_name'])){ + return UPLOAD_FILE_HANDLING; + } + + return UPLOAD_SUCCESS; + } +} + +//not used atm + +//function web_upload($db){ +// $url = $_POST["url"]; +// if(!preg_match("/^((https?|ftp)?://|www\.|ftp\.)?([-a-z0-9+&@#/%?=~_|!:,.;]+\.)+[a-z]{2}[a-z]*/i", $url)){ +// echo "no hyperlink"; +// return false; +// } +// if(!preg_match("/^[a-zA-Z]+://", $url){ +// $url = "http://".$url; +// } +// $file = file_get_contents($url); +// if(!$file){ +// echo "Couldn't download ".$url; +// return false; +// } +//} |
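Review bot: In `upload()` a new blob is first moved to `$uploaddir . $_FILES['userfile']['name']`, so a file with a client-chosen name and extension sits for a while in the same directory as the stored `.gz` blobs, and two uploads with the same name overwrite each other. Stage under a server-chosen name instead, e.g. `$staged = $uploaddir . $filehash . ".tmp";`, and use `$staged` in the `move_uploaded_file()`, `file_get_contents()` and final `unlink()` calls. The quota test sums existing rows only and never adds the incoming `$size`, so a single upload can pass the 2 GB limit by any amount; compare `$overall_size + $size`. Blobs are shared across users keyed by the MD5 of their content, which is not collision-resistant; `hash_file("sha256", ...)` is the safer key, though it changes the stored file names. `$fp` from `gzopen()` is not checked before `gzwrite()`, and the database row is written before the compressed file exists.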
