From 12734da8826299ffd24c0a15f6dbf205892d7221 Mon Sep 17 00:00:00 2001
From: root
Date: Mon, 14 Apr 2014 08:35:13 +0200
Subject: Pushed to v3

---
 www/functions/notused/func_delete.php | 207 ++++++++++++++++++++++++++++++++++
 1 file changed, 207 insertions(+)
 create mode 100644 www/functions/notused/func_delete.php

(limited to 'www/functions/notused/func_delete.php')

diff --git a/www/functions/notused/func_delete.php b/www/functions/notused/func_delete.php
new file mode 100644
index 0000000..6220f8a
--- /dev/null
+++ b/www/functions/notused/func_delete.php
@@ -0,0 +1,207 @@
+<?php
+
+/*
+	expected state: tested?; but broken
+*/
+
+function check_if_deletable($db, $id, $hash){
+	$check_db = $db->query("SELECT hash FROM files WHERE id!=".$id." AND folder='FILE';");
+	
+	$count = 0;
+	while($check_ar = $check_db->fetchArray(SQLITE3_NUM)){
+		if($check_ar[0] == $hash){
+			$count = $count +1;
+			break;
+		}
+	}
+
+	if($count == 0){
+		return true;
+	} else {
+		return false;
+	}
+}
+
+function delete_file($user, $path){
+
+	if(!$_SESSION["login"]){
+		return DELETE_FILE_LOGIN;
+	}
+
+	$db = $GLOBALS["db"];
+	$uploaddir = "../files/";
+
+	$file_id = select_file_id($db, $user, $path);
+
+	$file_owner_db = $db->query("SELECT owner FROM files WHERE id=".$file_id.";");
+	$file_owner_ar = $file_owner_db->fetchArray(SQLITE3_NUM);
+
+	if($file_owner_ar[0] != $_SESSION["userid"]){
+		return DELETE_FILE_NOT_OWNER;
+	}
+
+	$check_if_file_db = $db->query("SELECT folder, hash FROM files WHERE id=".$file_id.";");
+	$check_if_file_ar = $check_if_file_db->fetchArray(SQLITE3_NUM);
+
+	if($check_if_file_ar[0] != "FILE"){
+		return DELETE_FILE_NO_FILE;
+	}
+
+	$file_hash = $check_if_file_ar[1];
+
+	$hash_array_db = $db->query("SELECT hash FROM files WHERE hash='".$file_hash.";'");
+	$count = 0;
+
+	while($row1 = $hash_array_db->fetchArray(SQLITE3_NUM)){
+		$hash_ar[$count] = $row1[0];
+		$count++;
+	}
+
+	$count = 0;
+
+	for($i=0; $i<count($hash_ar); $i++){
+		$file_id_owner_db = $db->query("SELECT id, owner FROM files WHERE folder='FILE' AND hash='".$hash_ar[$i].    "';");			
+		while($row2 = $file_id_owner->fetchArray(SQLITE3_NUM)){
+			if($row2[1] != $_SESSION["userid"]){
+				$saved_files[$count] = $hash_ar[$i];			
+			}
+			$count++;
+ 		}
+	}
+
+	for($i=0; $i<count($saved_files); $i++){
+		$cur = $saved_files[$i];
+		for($j=0; $j<count($hash_ar); $j++){
+			if($cur == $hash_ar[$j]){
+				$hash_ar[$j] = "";
+			}
+		}
+	}
+	
+	for($i=0; $i<count($hash_ar); $i++){
+		if(!$file_hash[$i] != ""){
+			if(!unlink($uploaddir.$file_hash.".gz")){
+				return DELETE_FILE_UNLINK;
+			}
+		}
+	}
+
+	if($db->exec("
+		BEGIN TRANSACTION;
+		DELETE FROM files WHERE id=".$file_id.";
+		COMMIT;
+	")){
+		return DELETE_FILE_SUCCESS;
+	} else {
+		return DELETE_FILE_DATABASE;
+	}
+}
+
+function delete_folder($user, $path){
+
+	if(!$_SESSION["login"]){
+		return DELETE_FOLDER_LOGIN;
+	}
+
+	$db = $GLOBALS["db"];
+
+	$folder_id = select_file_id($db, $user, $path);
+
+	$folder_owner_db = $db->query("SELECT owner FROM files WHERE id=".$folder_id.";");
+	$folder_owner_ar = $db->fetchArray(SQLITE3_NUM);
+
+	if($folder_owner_ar[0] != $_SESSION["userid"]){
+		return DELETE_FOLDER_NOT_OWNER;
+	}
+
+	$folder_content_db = $db->query("SELECT id FROM files WHERE parent=".$folder_id.";");
+	$folder_content_ar = $folder_content_db->fetchArray(SQLITE3_NUM);
+	
+	if(empty($folder_content_ar[0])){
+		return DELETE_FOLDER_NOT_EMPTY;
+	}
+
+	if($db->exec("
+		BEGIN TRANSACTION;
+		DELETE FROM files WHERE id=".$folder_id.";
+		COMMIT;
+	")){
+		return DELETE_FOLDER_SUCCESS;
+	} else {
+		return DELETE_FOLDER_DATABASE;
+	}
+}
+
+function delete_user($user, $password, $password_verify){
+
+	if(!$_SESSION["login"]){
+		return DELETE_USER_LOGIN;
+	}
+
+	$db = $GLOBALS["db"];
+	$uploaddir = "../files/";
+
+	$owner = user_id($db, $user);
+
+	if(($password != $password_verify ) || $password = ""){
+		return DELETE_USER_EMPTY_PASSWORD;
+	}
+
+	$password_hash_db = $db->query("SELECT password FROM user WHERE id=".$owner.";");
+	$password_hash_ar = $password_hash_db->fetchArray(SQLITE3_NUM);
+
+	$admin_password_hash_db = $db->query("SELECT password FROM user WHERE id=1;");
+	$admin_password_hash_ar = $admin_password_hash_db->fetchArray(SQLITE3_NUM);
+
+	if(!password_verify($password, $password_hash_ar[0]) || !password_verify($password, $admin_password_hash_ar[0])){
+		return DELETE_USER_WRONG_PASSWORD;
+	}
+
+	$hash_array_db = $db->query("SELECT hash FROM files WHERE folder='FILE' AND owner=".$owner.";");
+
+	$count = 0;
+
+	while($row1 = $hash_array_db->fetchArray(SQLITE3_NUM)){
+		$hash_ar[$count] = $row1[0];
+		$count++;
+	}
+
+	$count = 0;
+
+	for($i=0; $i<count($hash_ar); $i++){
+		$file_id_owner_db = $db->query("SELECT id, owner FROM files WHERE folder='FILE' AND hash='".$hash_ar[$i]."';");
+		while($row2 = $file_id_owner->fetchArray(SQLITE3_NUM)){
+			if($row2[1] != $_SESSION["userid"]){
+				$saved_files[$count] = $hash_ar[$i];
+			}
+		$count++;
+		}
+	}
+
+	for($i=0; $i<count($saved_files); $i++){
+		$cur = $saved_files[$i];
+		for($j=0;$j<count($hash_ar); $j++){
+			if($cur == $hash_ar[$j]){
+				$hash_ar[$j] = "";
+			}
+		}
+	}
+
+	for($i=0; $ii<count($hash_ar); $i++){
+		if($hash_ar[$i] != ""){
+			if(!unlink($uploaddir.$hash_ar[$i].".gz")){
+				return DELETE_USER_FILE_DELETE;
+			}
+		}
+	}	
+
+	if($db->exec("
+		BEGIN TRANSACTION;
+		DELETE FROM user WHERE id=".$owner.";
+		COMMIT;
+	")){
+		return DELETE_USER_SUCCESS;
+	} else {
+		return DELETE_USER_DATABASE;
+	}
+}
-- 
cgit v1.2.3