From 1fe76ba743a3418da9a0883b29756d442384d0bc Mon Sep 17 00:00:00 2001
From: Horus3
Date: Thu, 25 Sep 2014 10:33:47 +0200
Subject: init
---
 www/functions/func_failure.php | 13 --
 www/functions/func_interface.php | 27 ---
 www/functions/func_login.php | 134 -------------
 www/functions/func_password.php | 77 --------
 www/functions/func_register.php | 61 ------
 www/functions/func_user.php | 341 --------------------------------
 www/functions/notused/func_content.php | 121 ------------
 www/functions/notused/func_delete.php | 207 -------------------
 www/functions/notused/func_download.php | 123 ------------
 www/functions/notused/func_folder.php | 162 ---------------
 www/functions/notused/func_invite.php | 62 ------
 www/functions/notused/func_rewrite.php | 30 ---
 www/functions/notused/func_select.php | 62 ------
 www/functions/notused/func_upload.php | 192 ------------------
 14 files changed, 1612 deletions(-)
 delete mode 100755 www/functions/func_failure.php
 delete mode 100755 www/functions/func_interface.php
 delete mode 100755 www/functions/func_login.php
 delete mode 100644 www/functions/func_password.php
 delete mode 100755 www/functions/func_register.php
 delete mode 100755 www/functions/func_user.php
 delete mode 100755 www/functions/notused/func_content.php
 delete mode 100644 www/functions/notused/func_delete.php
 delete mode 100644 www/functions/notused/func_download.php
 delete mode 100644 www/functions/notused/func_folder.php
 delete mode 100755 www/functions/notused/func_invite.php
 delete mode 100755 www/functions/notused/func_rewrite.php
 delete mode 100755 www/functions/notused/func_select.php
 delete mode 100755 www/functions/notused/func_upload.php
(limited to 'www/functions')
diff --git a/www/functions/func_failure.php b/www/functions/func_failure.php
deleted file mode 100755
index e54cfaf..0000000
--- a/www/functions/func_failure.php
+++ /dev/null
@@ -1,13 +0,0 @@
-";
- echo $reason;
- exit;
-}
diff --git a/www/functions/func_interface.php b/www/functions/func_interface.php deleted file mode 100755 index 08b9790..0000000 --- a/www/functions/func_interface.php +++ /dev/null @@ -1,27 +0,0 @@ - - - -
-

E-Mail

-
- - "; -} -*/ - -//function print_login($var){ -// echo "Coming soon"; -//} - -//function print_index(){ -// echo "Coming soon"; -//} diff --git a/www/functions/func_login.php b/www/functions/func_login.php deleted file mode 100755 index 7944c3e..0000000 --- a/www/functions/func_login.php +++ /dev/null 
@@ -1,134 +0,0 @@
-query("SELECT email FROM jg;");
- while($row = $real_password_db->fetchArray(SQLITE3_NUM)){
- if($row[0] == $password){
- $log_in = true;
- break;
- }
- }
- } else {
- $pepper = file_get_contents("../database/pepper.txt");
- $password = $password . $pepper;
-
- $real_password_db = $db->query("SELECT password FROM user WHERE name='" . $safe_username . "';");
- while($real_password_array = $real_password_db->fetchArray(SQLITE3_NUM)){
- foreach($real_password_array as $secondelement){
- $real_password=$secondelement;
- }
- }
-
- if (password_verify($password, $real_password)) {
- $log_in = true;
- }
- }
-
- /*___Login___*/
- if(!$log_in){
- return LOGIN_PASSWORD;
- }
-
-
- $id = user_id($db, $username);
- $banned_db = $db->query("SELECT 1 FROM banned_user WHERE user=".$id);
- $banned_ar = $banned_db->fetchArray(SQLITE3_NUM);
-
- if($banned_ar[0] == 1){
- echo "You are banned. ;_;";
- exit;
- }
-
- if($db->exec("
- BEGIN TRANSACTION;
- INSERT INTO log (id, user, login) VALUES (NULL, (SELECT id FROM user WHERE name='" . $username . 
"'), (SELECT strftime('%s', 'now')));
- COMMIT;
- ")){
-
-
- $_SESSION["login"] = true;
- $_SESSION["username"] = $username;
- $_SESSION["userid"] = $id;
-
- return LOGIN_SUCCESSFULL;
-
- } else {
- return LOGIN_DATABASE;
- }
-}
-
-function logout(){
-
- if(session_destroy()){
- return LOGOUT_SUCCESSFULL;
- } else {
- return LOGOUT_FAILURE;
- }
-}
-
-function brutforce_protection($db){
- $_SESSION["login_attempts"] = $_SESSION["login_attempts"] - 1;
-
- $remote_ip = $_SERVER["REMOTE_ADDR"];
- $session_id = session_id();
- $time = $_SERVER["REQUEST_TIME"];
-
- if($_SESSION["login_attempts"] <= 0){
- $db->exec("
- BEGIN TRANSACTION;
- INSERT INTO banned_user (id, login_attempts, ip, session_id, time) VALUES (NULL, ".$_SESSION["login_attempts"].", '".SQLite3::escapeString($remote_ip)."', '".SQLite3::escapeString($session_id)."', ".$time.");
- COMMIT;
- ");
- banned();
-
- } else {
- if($db->exec("
- BEGIN TRANSACTION;
- INSERT INTO banned_user (id, login_attempts, ip, session_id, time) VALUES (NULL, ".$_SESSION["login_attempts"].", '".$db->escapeString($remote_ip)."', '".SQLite3::escapeString($session_id)."', '".$time."');
- COMMIT;
- ")){
- return true;
- } else {
- return false;
- }
- }
-}
-
-function check_if_banned($db){
-
- $remote_ip = $_SERVER["REMOTE_ADDR"];
- $session_id = session_id();
- $check_db = $db->query("SELECT time, login_attempts, id FROM banned_user WHERE ip='".SQLite3::escapeString($remote_ip)."' OR session_id='".SQLite3::escapeString($session_id)."' ORDER BY id DESC;");
- $check_ar = $check_db->fetchArray(SQLITE3_NUM);
-
- $log_at = $check_ar[1];
- if($log_at){
- $_SESSION["login_attempts"] = $log_at;
- }
-
- $accepted_time = $_SERVER["REQUEST_TIME"] - 21600; // == 6h
- $db->exec("DELETE FROM banned_user WHERE time<'".$accepted_time."'");
-
- if($log_at <= 0){
- if($check_ar[0] >= $accepted_time){
- return true; // still banned
- }
- }
-
- return false; // not longer banned
-}
-
-function banned(){
- header("Refresh: 0; 
".$GLOBALS["scheme"].$_SERVER["HTTP_HOST"]."/banned");
- exit;
-}
diff --git a/www/functions/func_password.php b/www/functions/func_password.php
deleted file mode 100644
index e515111..0000000
--- a/www/functions/func_password.php
+++ /dev/null
@@ -1,77 +0,0 @@
-query("SELECT id FROM user WHERE email='" . SQLite3::escapeString(htmlentities($_POST['email'])) . "';");
- $username_ar = $username_db->fetchArray(SQLITE3_NUM);
- $username = $username_ar[0];
- }
-
- if($first_password != $second_password || !isset($first_password) || empty($first_password) || $first_password == ""){
- return PASSWORD_PASSWORD;
- }
-
- $pepper = file_get_contents("../database/pepper.txt");
- $password = $first_password . $pepper;
-
- $hash_password = password_hash($password, PASSWORD_DEFAULT);
-
- if($db->exec("
- BEGIN TRANSACTION;
- UPDATE user SET password='" . $hash_password . "' WHERE id=" . $username . ";
- COMMIT;
- ")){
- return PASSWORD_SUCCESS;
- } else {
- return PASSWORD_DATABASE;
- }
-}
-
-function recover_password($db){
- $test_email_db = $db->query("SELECT 1 FROM user WHERE email='" . SQLite3::escapeString(htmlentities($_POST['email'])) . "';");
- $test_email_ar = $test_email_db->fetchArray(SQLITE3_NUM);
-
- if($test_email_ar[0] == 1){
- $password_array = array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "_", "-", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9" );
-
- $length = count($password_array);
- $password = "";
-
- for ($i=0;$i<21;$i++){
- $index = mt_rand(0,$length-1);
- $password = "$password".$password_array[$index];
- }
-
- $var = change_password($db, $password, $password);
-
- if($var == PASSWORD_SUCCESS){
-
- $subject = "Your new password is" . 
$password;
- if(mail($_POST['email'], "New password", $subject, "From: mail@iamfabulous.de")){
- return RECOVER_SUCCESS;
- } else {
- return RECOVER_EMAIL;
- }
- } else {
- return $var;
- }
- } else {
- return RECOVER_PROHIBITED;
- }
-}
-
-function validate_password($db, $username, $password){
- $res_db = $db->query("SELECT password FROM user WHERE name='".$db->escapeString(htmlentities($username))."'");
- $res_ar = $res_db->fetchArray(SQLITE3_NUM);
-
- $pepper = file_get_contents("../database/pepper.txt");
- $password .= $pepper;
-
- if(password_verify($password, $res_ar[0])){
- return true;
- } else {
- return false;
- }
-}
diff --git a/www/functions/func_register.php b/www/functions/func_register.php
deleted file mode 100755
index da804d4..0000000
--- a/www/functions/func_register.php
+++ /dev/null
@@ -1,61 +0,0 @@
-query("SELECT 1 FROM user WHERE name='" . $safe_name . "';");
- $doubleusername_ar = $doubleusername_db->fetchArray(SQLITE3_NUM);
-
- if($doubleusername_ar[0] == 1){
- return REGISTER_USERNAME;
- }
-
- /*Generates the encrypted password and the database transaction*/
-
- $pepper = file_get_contents("../database/pepper.txt");
- $password = $cleartext_password . $pepper;
-
- $hash_password = password_hash($password, PASSWORD_DEFAULT);
-
- if($db->exec("
- BEGIN TRANSACTION;
- INSERT INTO user (id, name, password, email, status, register) VALUES (NULL, '".$safe_name."', '".$hash_password."', '".$safe_email."', 1, (SELECT strftime('%s', 'now')));
- INSERT INTO log (id, user, login) VALUES (NULL, (SELECT id FROM user WHERE name='" . $safe_name. "'), (SELECT strftime('%s', 'now')));
- COMMIT;")
- ){
-
- $userid = user_id($db, $safe_name);
-
- $_SESSION["login"] = true;
- $_SESSION["username"] = $safe_name;
- $_SESSION["userid"] = $userid;
-
- return REGISTER_SUCCESSFULL;
-
- } else {
- return REGISTER_DATABASE;
- }
-
-}
diff --git a/www/functions/func_user.php b/www/functions/func_user.php
deleted file mode 100755
index 394a8f7..0000000
--- a/www/functions/func_user.php +++ /dev/null @@ -1,341 +0,0 @@ -query("SELECT * FROM user WHERE name='".$_SESSION["username"]."';"); - $info_ar = $info_db->fetchArray(SQLITE3_NUM); - - $ls_db = $db->query("SELECT login FROM log WHERE user=".$info_ar[0]." ORDER BY id DESC"); - $last_seen = $ls_db->fetchArray(SQLITE3_NUM); - } - - echo " - - - - - Account :: Junge Gemeinde Adlershof - - - - - - - "; - include("static/head.php"); -// echo "loged in as: " . $_SESSION["username"]; -/* - echo "
- - - - - - - - - - - - "; -*/ - - switch($var){ - case("password"): - $passage = "Falsches Passwort.
"; - break; - case(PASSWORD_SUCCESS): - $passage = "Dein Passwort wurde erfolgreich geändert.
"; - break; - case(CH_USERNAME_SUCCESS): - $passage = "Erfolg! Ab sofort bist du unter ".$_SESSION["username"]." bekannt.
"; - break; - case(CH_EMAIL_SUCCESS): - $passage = "Deine E-Mail Adresse wurde erfolgreich geändert.
"; - break; - case(CH_EMAIL_EXISTS): - $passage = "Diese E-Mail Adresse ist schon in Benutzung.
"; - break; - case(CH_USERNAME_EXISTS): - $passage = "Dieser Name ist schon in Benutzung.
"; - break; - default: - $passage = ""; - break; - } - - echo "
- -

-
-

Account Informationen

-
- ".$passage." -
- -
-

Deine Daten: (ändern?)

-
-
NameE-Mail
".$info_ar[1]."".$info_ar[3]."
- - - - -
- Name: - -   - - ".$info_ar[1]." - -
- E-Mail: - -   - - ".$info_ar[3]." -
 
- Registrierungsdatum: - -   - - ".date("j.n.Y H:i:s", $info_ar[5])." - - -   -
- Zuletzt gesehen: - -   - - ".date("j.n.Y / H:i:s", $last_seen[0])." -
-
- - - -
-

-
-
-

Passwort Verwaltung:

-
- - - - - - -
- Passwort ändern? - -   - - | - -   - - Passwort vergessen? -
- - -
-
-

Wechsle deinen Spitznamen oder deine E-Mail Adresse. Bitte bestätige die Änderung mit deinem Passwort.

-
-
- - - - - - - - - -
- Name: - - -
- E-Mail: - - -
- Passwort: - - -
- - -
-
-
-
-
-
-
-

Aktualisiere deine Passwort. Bitte bestätige die Änderung mit deinem aktuell gültigen Passwort. -

- - - - - - - - - - - -
- Neues Passwort: - - -
- Neues Passwort wiederholen: - - -
- -
- Altes Passwort: - - -
- - -
-
-
-
- - "; - return true; -} - -function user_id($db, $user){ - - $owner_db = $db->query("SELECT id FROM user WHERE name='" . SQLite3::escapeString($user) . "';"); - $owner_ar = $owner_db->fetchArray(SQLITE3_NUM); - if(empty($owner_ar[0])){ - return false; - } - - $owner = $owner_ar[0]; - if($owner != ""){ - return $owner; - } else { - return false; - } -} - -function change_username($db, $oldname, $newname){ - $oldname = $db->escapeString(htmlentities($oldname)); - $newname = $db->escapeString(htmlentities($newname)); - $check_db = $db->query("SELECT 1 FROM user WHERE name='".$newname."'"); - $check_ar = $check_db->fetchArray(SQLITE3_NUM); - - if($check_ar[0] == 1){ - return CH_USERNAME_EXISTS; - } - - if($db->exec(" - BEGIN TRANSACTION; - UPDATE user SET name='".$newname."'WHERE name='".$oldname."'; - COMMIT; - ")){ - $_SESSION["username"] = $newname; - return CH_USERNAME_SUCCESS; - } else { - return DATABASE; - } -} - -function change_email($db, $name, $email){ - $res_db = $db->query("SELECT 1, name FROM user WHERE email='".$db->escapeString(htmlentities($email))."'"); - $res_ar = $res_db->fetchArray(SQLITE3_NUM); - - if($res_ar[0] == 1){ - if($name != $res_ar[1]){ - return CH_EMAIL_EXISTS; - } - } - - if($db->exec(" - BEGIN TRANSACTION; - UPDATE user SET email='".$db->escapeString(htmlentities($email))."' WHERE name='".$db->escapeString(htmlentities($name))."'; - COMMIT; - ")){ - return CH_EMAIL_SUCCESS; - } else { - return DATABASE; - } -} diff --git a/www/functions/notused/func_content.php b/www/functions/notused/func_content.php deleted file mode 100755 index ad0c87e..0000000 --- a/www/functions/notused/func_content.php +++ /dev/null 
@@ -1,121 +0,0 @@ -query("SELECT * FROM files WHERE parent=" . $file_id . " AND owner=" . $owner . $share . " ORDER BY folder, name;"); - - $count=0; - - while($row = $content_db->fetchArray(SQLITE3_NUM)){ - $content[$count][0] = $row[0]; - $content[$count][1] = $row[1]; - $content[$count][2] = $row[2]; - $content[$count][3] = $row[3]; - $content[$count][4] = $row[4]; - $content[$count][5] = $row[5]; - $content[$count][6] = $row[6]; - $content[$count][7] = $row[7]; - $content[$count][8] = $row[8]; - $count++; - } - - if(!empty($content)){ - return $content; // returns everything listed in the folder which is commited as parameter - } else { - return false; // empty folder - } -} - -function get_path_to_wrong_folder($db, $username, $folder_path){ - - $owner = user_id($db, $username); - - if($_SESSION["login"] && $_SESSION["userid"] == $owner){ - $share = ""; - } else { - $share =" AND share='PUBLIC'"; - } - - $folder_array_unsafe = explode("/",$folder_path); - $length = count($folder_array_unsafe); - - $root_db = $db->query("SELECT id FROM files WHERE parent=0 AND owner=" . SQLite3::escapeString($owner) . " AND folder='DIRECTORY' " . $share . ";"); - $root_ar = $root_db->fetchArray(SQLITE3_NUM); - $root_id = $root_ar[0]; - - if(empty($root_id)){ - return FOLDER_NOT_PUBLIC; - } - - $parentdir = $root_id; - - for($i=0; $i<$length; $i++){ - $parentdir_db = $db->query("SELECT id, parent FROM files WHERE owner=" . $owner . $share . " AND parent=". $parentdir . " AND name='" . SQLite3::escapeString($folder_array_unsafe[$i]) . 
"';"); - $prim_id = $parentdir_db->fetchArray(SQLITE3_NUM); - - if($parentdir != $prim_id[1]){ - $wrong_folder = $folder_array_unsafe[$i]; - $working_path[0] = $wrong_folder; - - for($j=0; $j<$i; $j++){ - $working_path[$j] = $folder_array_unsafe[$j]; - } - - $lwp = count($working_path); - $working_path[$lwp] = $wrong_folder; - - if($i == 0){ - $working_path[0] = ""; // shows just the root slash - } - - return $working_path; // returns working path and wrong folder as an array - } - - $parentdir = $prim_id[0]; - - } - - return false; -} - -function print_wrong_folder($content){ - - $length = count($content); - - $wrong_folder = $content[$length-1]; - $working_path[0] = $wrong_folder; // initialize empty array - - for($i=0; $i<$length-1; $i++){ - $working_path[$i] = $content[$i]; - } - - get_404($working_path, $wrong_folder); -} diff --git a/www/functions/notused/func_delete.php b/www/functions/notused/func_delete.php deleted file mode 100644 index 6220f8a..0000000 --- a/www/functions/notused/func_delete.php +++ /dev/null 
@@ -1,207 +0,0 @@ -query("SELECT hash FROM files WHERE id!=".$id." AND folder='FILE';"); - - $count = 0; - while($check_ar = $check_db->fetchArray(SQLITE3_NUM)){ - if($check_ar[0] == $hash){ - $count = $count +1; - break; - } - } - - if($count == 0){ - return true; - } else { - return false; - } -} - -function delete_file($user, $path){ - - if(!$_SESSION["login"]){ - return DELETE_FILE_LOGIN; - } - - $db = $GLOBALS["db"]; - $uploaddir = "../files/"; - - $file_id = select_file_id($db, $user, $path); - - $file_owner_db = $db->query("SELECT owner FROM files WHERE id=".$file_id.";"); - $file_owner_ar = $file_owner_db->fetchArray(SQLITE3_NUM); - - if($file_owner_ar[0] != $_SESSION["userid"]){ - return DELETE_FILE_NOT_OWNER; - } - - $check_if_file_db = $db->query("SELECT folder, hash FROM files WHERE id=".$file_id.";"); - $check_if_file_ar = $check_if_file_db->fetchArray(SQLITE3_NUM); - - if($check_if_file_ar[0] != "FILE"){ - return DELETE_FILE_NO_FILE; - } - - $file_hash = $check_if_file_ar[1]; - - $hash_array_db = $db->query("SELECT hash FROM files WHERE hash='".$file_hash.";'"); - $count = 0; - - while($row1 = $hash_array_db->fetchArray(SQLITE3_NUM)){ - $hash_ar[$count] = $row1[0]; - $count++; - } - - $count = 0; - - for($i=0; $iquery("SELECT id, owner FROM files WHERE folder='FILE' AND hash='".$hash_ar[$i]. 
"';"); - while($row2 = $file_id_owner->fetchArray(SQLITE3_NUM)){ - if($row2[1] != $_SESSION["userid"]){ - $saved_files[$count] = $hash_ar[$i]; - } - $count++; - } - } - - for($i=0; $iexec(" - BEGIN TRANSACTION; - DELETE FROM files WHERE id=".$file_id."; - COMMIT; - ")){ - return DELETE_FILE_SUCCESS; - } else { - return DELETE_FILE_DATABASE; - } -} - -function delete_folder($user, $path){ - - if(!$_SESSION["login"]){ - return DELETE_FOLDER_LOGIN; - } - - $db = $GLOBALS["db"]; - - $folder_id = select_file_id($db, $user, $path); - - $folder_owner_db = $db->query("SELECT owner FROM files WHERE id=".$folder_id.";"); - $folder_owner_ar = $db->fetchArray(SQLITE3_NUM); - - if($folder_owner_ar[0] != $_SESSION["userid"]){ - return DELETE_FOLDER_NOT_OWNER; - } - - $folder_content_db = $db->query("SELECT id FROM files WHERE parent=".$folder_id.";"); - $folder_content_ar = $folder_content_db->fetchArray(SQLITE3_NUM); - - if(empty($folder_content_ar[0])){ - return DELETE_FOLDER_NOT_EMPTY; - } - - if($db->exec(" - BEGIN TRANSACTION; - DELETE FROM files WHERE id=".$folder_id."; - COMMIT; - ")){ - return DELETE_FOLDER_SUCCESS; - } else { - return DELETE_FOLDER_DATABASE; - } -} - -function delete_user($user, $password, $password_verify){ - - if(!$_SESSION["login"]){ - return DELETE_USER_LOGIN; - } - - $db = $GLOBALS["db"]; - $uploaddir = "../files/"; - - $owner = user_id($db, $user); - - if(($password != $password_verify ) || $password = ""){ - return DELETE_USER_EMPTY_PASSWORD; - } - - $password_hash_db = $db->query("SELECT password FROM user WHERE id=".$owner.";"); - $password_hash_ar = $password_hash_db->fetchArray(SQLITE3_NUM); - - $admin_password_hash_db = $db->query("SELECT password FROM user WHERE id=1;"); - $admin_password_hash_ar = $admin_password_hash_db->fetchArray(SQLITE3_NUM); - - if(!password_verify($password, $password_hash_ar[0]) || !password_verify($password, $admin_password_hash_ar[0])){ - return DELETE_USER_WRONG_PASSWORD; - } - - $hash_array_db = 
$db->query("SELECT hash FROM files WHERE folder='FILE' AND owner=".$owner.";"); - - $count = 0; - - while($row1 = $hash_array_db->fetchArray(SQLITE3_NUM)){ - $hash_ar[$count] = $row1[0]; - $count++; - } - - $count = 0; - - for($i=0; $iquery("SELECT id, owner FROM files WHERE folder='FILE' AND hash='".$hash_ar[$i]."';"); - while($row2 = $file_id_owner->fetchArray(SQLITE3_NUM)){ - if($row2[1] != $_SESSION["userid"]){ - $saved_files[$count] = $hash_ar[$i]; - } - $count++; - } - } - - for($i=0; $iexec(" - BEGIN TRANSACTION; - DELETE FROM user WHERE id=".$owner."; - COMMIT; - ")){ - return DELETE_USER_SUCCESS; - } else { - return DELETE_USER_DATABASE; - } -} diff --git a/www/functions/notused/func_download.php b/www/functions/notused/func_download.php deleted file mode 100644 index 26b25b1..0000000 --- a/www/functions/notused/func_download.php +++ /dev/null 
@@ -1,123 +0,0 @@ -query("SELECT folder FROM files WHERE id=".$file_id.";"); - $check_if_file_ar = $check_if_file_db->fetchArray(SQLITE3_NUM); - - if($check_if_file_ar[0] == "FILE"){ - return true; - } else { - return false; - } - } else { - //$content = get_path_to_empty_folder($db, $name, $folder_path); - //print_empty_folder($content); - //get_404("/", "Protected file"); - return false; - } -} - -function start_file_download($user, $path){ - - $db = $GLOBALS["db"]; - - $owner = user_id($db, $user); - - $file_id = select_file_id($db, $owner, $path); - - $file_db = $db->query("SELECT owner, share FROM files WHERE id=" . $file_id . ";"); - $file_ar = $file_db->fetchArray(SQLITE3_NUM); - $file_owner = $file_ar[0]; - $share = $file_ar[1]; - - if($_SESSION["login"] && ($_SESSION["userid"] == $file_owner)){ - if(download_file($db, $file_id)){ - return true; - } else { - return false; - } - } else { - if($share != "PUBLIC"){ - return false; - } - - if(download_file($db, $file_id)){ - return true; - } else { - return false; - } - } -} - -function check_file_hash($db, $file_id, $download_hash){ - if(preg_match("/[^0-9]/", $file_id)){ - return DOWNLOAD_FALSE_ID; - } - - $check_hash_db = $db->query("SELECT owner, folder, share, download_link FROM files WHERE id=" . SQLite3::escapeString($file_id).";"); - $check_hash_ar = $check_hash_db->fetchArray(SQLITE3_NUM); - - if($check_hash_ar[1] != "FILE"){ - return DOWNLOAD_NOT_FILE; - } - - if($check_hash_ar[2] != "PUBLIC"){ - if($_SESSION["userid"] != $check_hash_ar[0]){ - if($check_hash_ar[3] != $download_hash){ - return DOWNLOAD_PRIVATE_FILE; - } - } - } - - if(!download_file($db, $file_id)){ - return false; - } else { - return true; - } - -} - -function download_file($db, $file_id){ - - $file_db = $db->query("SELECT name, mime, size, hash FROM files WHERE id=". 
SQLite3::escapeString($file_id).";"); - $file_ar = $file_db->fetchArray(SQLITE3_NUM); - - $file_name = $file_ar[0]; - $file_mime = $file_ar[1]; - $file_size = $file_ar[2]; - $file_hash = $file_ar[3]; - - $uploaddir = "../files/"; - $gzip_file = $uploaddir . $file_hash . ".gz"; - -//TODO: buffer output, print if reading == true - - header("Content-Type: ".$file_mime); - - if(!preg_match("/^image\/.+/", $file_mime)){ - header("Content-Disposition: attachment; filename=\"".$file_name."\""); - } else { - header("filename=".$file_name.""); - } - header("Content-Length: ".$file_size); - set_time_limit(0); - $uncompressed_file = readgzfile($gzip_file); - - if($uncompressed_file){ - return true; - } else { - return false; - } - - -} diff --git a/www/functions/notused/func_folder.php b/www/functions/notused/func_folder.php deleted file mode 100644 index 044fd8e..0000000 --- a/www/functions/notused/func_folder.php +++ /dev/null 
@@ -1,162 +0,0 @@ -exec(" - BEGIN TRANSACTION; - INSERT INTO files (id, parent, owner, name, folder, size, share, hash) VALUES (Null, " . $file_id . ", " . $_SESSION['userid'] . ", '" . SQLite3::escapeString($new_folder_name) . "', 'DIRECTORY', 0, '" . SQLite3::escapeString($share) . "', ''); - COMMIT; - ")){ - return true; - } else { - return false; - } -} - -function create_folder($path, $new_folder_name, $share){ - - $db = $GLOBALS["db"]; - - if(!$_SESSION["login"]){ - return MKDIR_LOGIN; - } - - $file_id = select_file_id($db, $_SESSION["userid"], $path); - - $owner_db = $db->query("SELECT owner FROM files WHERE id=" . SQLite3::escapeString($file_id) . ";"); - $owner_ar = $owner_db->fetchArray(SQLITE3_NUM); - - if($owner_ar[0] != $_SESSION["userid"]){ - return MKDIR_OWNER; - } - - //TODO: Cut trailing or leading slash - //TODO: Maye create two folders instead of returning an error? - if(preg_match("/\//", $new_folder_name)){ - return SLASH_IN_FOLDER_NAME; - } - - $dupl_db = $db->query("SELECT parent FROM files WHERE name='" . SQLite3::escapeString($new_folder_name) . 
"' AND owner=".$_SESSION["userid"].";"); - while($dupl_ar = $dupl_db->fetchArray(SQLITE3_NUM)){ - if($dupl_ar[0] == $file_id){ - return MKDIR_DUPLICATE; - } - } - - if(database_mkdir($db, $file_id, $new_folder_name, $share)){ - return MKDIR_SUCCESS; - } else { - return MKDIR_DATABASE; - } -} - -function move_folder($old_path, $new_path){ - - if(!$_SESSION["login"]){ - return NOT_LOGED_IN; - } - - $db = $GLOBALS["db"]; - $old_file_id = select_file_id($db, $_SESSION["userid"], $old_path); - $new_file_id = select_file_id($db, $_SESSION["userid"], $new_path); - - $old_folder_owner_db = $db->query("SELECT owner FROM files WHERE id=".$old_file_id.";"); - $old_folder_owner_ar = $old_folder_owner_db->fetchArray(SQLITE3_NUM); - - if($_SESSION["userid"] != $old_folder_owner_ar[0]){ - return MV_OLD_FOLDER_NOT_OWNER; - } - - if(!$new_file_id){ - return MV_FOLDER_TARGET_NOT_EXIST; - } - - $new_folder_owner_db = $db->query("SELECT owner FROM files WHERE id=".$new_file_id.";"); - $new_folder_owner_ar = $new_folder_owner_db->fetchArray(SQLITE3_NUM); - - if($_SESSION["userid"] != $new_folder_owner_ar[0]){ - return MV_NEW_FOLDER_NOT_OWNER; } - - if($db->exec(" - BEGIN TRANSACTION; - UPDATE files SET parent=".$new_file_id." WHERE id=".$old_file_id."; - COMMIT; - ")){ - return MV_FOLDER_SUCCESS; - } else { - return MV_FOLDER_DATABASE; - } -} - -function rename_folder($path, $new_name){ - if(!$_SESSION["login"]){ - return NOT_LOGED_IN; - } - - $db = $GLOBALS["db"]; - - $file_id = select_file_id($db, $_SESSION["username"], $path); - - $folder_owner_db = $db->query("SELECT owner FROM fiiles where id=".$file_id.";"); - $folder_owner_ar = $folder_owner_db->fetchArray(SQLITE3_NUM); - - if($folder_owner_ar[0] != $_SESSION["userid"]){ - return FOLDER_NOT_OWNER; - } - - if(preg_match("/\//", $new_name)){ - return SLASH_IN_FOLDER_NAME; - } - - $dupl_db = $db->query("SELECT parent FROM files WHERE name='" . SQLite3::escapeString($new_name) . 
"' AND owner=".$_SESSION["userid"].";"); - while($dupl_ar = $dupl_db->fetchArray(SQLITE3_NUM)){ - if($dupl_ar[0] == $file_id){ - return MKDIR_DUPLICATE; - } - } - - if($db->exec(" - BEGIN TRANSACTION; - UPDATE files SET name='".SQLite3::escapeString($new_name)."' WHERE id=".$file_id."; - COMMIT; - ")){ - return true; - } else { - return DATABASE; - } -} - -function generate_download_link($file_id){ - - if(!$_SESSION["login"]){ - return NOT_LOGED_IN; - } - - $db = $GLOBALS["db"]; - - $folder_owner_db = $db->query("SELECT owner FROM files where id=".$file_id.";"); - $folder_owner_ar = $folder_owner_db->fetchArray(SQLITE3_NUM); - - if($folder_owner_ar[0] != $_SESSION["userid"]){ - return FOLDER_NOT_OWNER; - } - - $key_array = array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "_", "-", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9" ); - - $length = count($key_array); - $key = ""; - - for ($i=0;$i<21;$i++){ - $index = mt_rand(0,$length-1); - $key = $key.$key_array[$index]; - } - - if($db->exec(" - BEGIN TRANSACTION; - UPDATE files SET download_link='".$key."' WHERE id=".$file_id."; - COMMIT; - ")){ - return $key; - } else { - return DATABASE; - } -} diff --git a/www/functions/notused/func_invite.php b/www/functions/notused/func_invite.php deleted file mode 100755 index d7613d5..0000000 --- a/www/functions/notused/func_invite.php +++ /dev/null 
@@ -1,62 +0,0 @@ -query("SELECT invites FROM user WHERE name='" . $safe_name . "';"); - $invite_ar = $invite_db->fetchArray(SQLITE3_NUM); - $invite = $invite_ar[0]; - - if($invite <= 0){ - return INVITE_INVITES; - } - - $email_db = $db->query("Select 1 FROM user WHERE email='" . $safe_email . "';"); - $email_ar = $email_db->fetchArray(SQLITE3_NUM); - - if($email_ar[0] == 1){ - return INVITE_USEREXISTS; - } - - /*Generates the invite key => [-_0-9a-zA-Z]{11}*/ - - $key_array = array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "_", "-", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9" ); - - $length = count($key_array); - $key = ""; - - for ($i=0;$i<11;$i++){ - $index = mt_rand(0,$length-1); - $key = "$key".$key_array[$index]; - } - - $id_db = $db->query("SELECT id FROM USER WHERE name='" . $safe_name . "';"); - $id_ar = $id_db->fetchArray(SQLITE3_NUM); - $id = $id_ar[0]; - - /*Generates the new user and decrease the invites*/ - - $invite = $invite-1; - - if($db->exec(" - BEGIN TRANSACTION; - INSERT INTO user (id, name, email, senpai, key, status) VALUES (NULL, NULL, '" . $safe_email . "', '" . $id . "', '" . $key . "', 0); - UPDATE user SET invites='" . $invite . "' WHERE id='" . $id . "'; - COMMIT;") - ){ - - $subject="Welcome, you were invited to the new virtual filesystem.\nYour key is " . $key . "\nVisit files.iamfabulous.de/register to complete your registration."; - - // Doesn't work with GMX or Web.de atm. - mail($email, "Invite", $subject, "From: mail@iamfabulous.de"); - - return INVITE_SUCCESSFULL; - - } else { - return INVITE_DATABASE; - } -} diff --git a/www/functions/notused/func_rewrite.php b/www/functions/notused/func_rewrite.php deleted file mode 100755 index 0a123d6..0000000 --- a/www/functions/notused/func_rewrite.php +++ /dev/null 
@@ -1,30 +0,0 @@ -query("SELECT id FROM files WHERE parent=0 AND owner=" . SQLite3::escapeString($owner) . " AND folder='DIRECTORY' " . $share . ";"); - $root_ar = $root_db->fetchArray(SQLITE3_NUM); - $root_id = $root_ar[0]; - if(empty($root_ar[0])){ - failure("Seems like the user doesn't want to show his tree: " . $root_id); - } - - $tmp_length = count($folder_array_unsafe); - - if(empty($folder_array_unsafe[$tmp_length-1])){ - $length = $tmp_length-1; - } else { - $length = $tmp_length; - } - - $parentdir = SQLite3::escapeString($root_id); - - if(empty($folder_array_unsafe[0])){ - return $root_id; // returns the primary key from the root dir - } - - for($i=0; $i<$length; $i++){ - - $parentdir_db = $db->query("SELECT id, parent FROM files WHERE owner=" . $owner . $share . " AND parent=" . $parentdir . " AND name='" . SQLite3::escapeString($folder_array_unsafe[$i]) . "' COLLATE NOCASE;"); - - $prim_id = $parentdir_db->fetchArray(SQLITE3_NUM); - - - if($parentdir != $prim_id[1]){ - -/* - $wrong_folder = $folder_array_unsafe[$i]; - $working_path[0] = $wrong_folder; - - for($j=0; $j<$i; $j++){ - $working_path[$j] = $folder_array_unsafe[$j]; - } - - get_404($working_path, $wrong_folder); -*/ - - return false; - } - - - $parentdir = $prim_id[0]; - } - - return $parentdir; // returns the primary key from the last entry in the folder array - -} diff --git a/www/functions/notused/func_upload.php b/www/functions/notused/func_upload.php deleted file mode 100755 index 31fe304..0000000 --- a/www/functions/notused/func_upload.php +++ /dev/null 
@@ -1,192 +0,0 @@
-exec("
- BEGIN TRANSACTION;
- INSERT INTO files (id, parent, owner, name, folder, mime, size, share, hash) VALUES (NULL, " . $parentdir . ", " . $owner . ", '" . $filename . "', '" . $folder . "', '" . $mime . "', '" . $size . "', '" . $share ."', '" . $filehash . "');
- COMMIT;
- ")){
- return true;
- } else {
- return false;
- }
-}
-
-function database_upload_update($db, $id, $name, $mime, $size, $share, $filehash){
- if($db->exec("
- BEGIN TRANSACTION;
- UPDATE files SET name='".$name."', mime='".$mime."', size='".$size."', share='".$share."', hash='".$filehash."' WHERE id=".$id.";
- COMMIT;
- ")){
- return true;
- } else {
- return false;
- }
-}
-
-function upload($path){
-
- $db = $GLOBALS["db"];
-
- set_time_limit(0);
-
- if(!$_SESSION["login"]){
- return UPLOAD_LOGIN;
- }
-
- if($_FILES["userfile"]["error"] > 0 || !$_FILES['userfile']['size'] > 0 || empty($_FILES['userfile']['size'])){
- return UPLOAD_UPLOAD;
- }
-
- $parentdir = select_file_id($db, $_SESSION["userid"], $path);
-
- $folder_owner_db = $db->query("SELECT owner FROM files WHERE id=".$parentdir.";");
- $folder_owner_ar = $folder_owner_db->fetchArray(SQLITE3_NUM);
-
- if($folder_owner_ar[0] != $_SESSION["userid"]){
- return UPLOAD_FOLDER_NOT_OWNER;
- }
-
- $owner = $_SESSION["userid"];
-
- $overall_size_db = $db->query("SELECT size FROM files WHERE owner=" . $owner . " AND size > 0;");
- $overall_size = 0;
- while($row = $overall_size_db->fetchArray(SQLITE3_NUM)){
- $overall_size = $overall_size + $row[0];
- }
-
- if($overall_size > 2147483648){ // == 2GB
- return UPLOAD_QUOTA;
- }
-
- $filename = $_FILES['userfile']['name'];
-
- $folder = "FILE";
- $mime = $_FILES['userfile']['type'];
- $size = $_FILES['userfile']['size'];
-
- if(isset($_POST["share"])){
- $share = "PUBLIC";
- } else {
- $share = "PRIVATE";
- }
-
- $uploaddir = "../files/";
-
- //$filehash = hash_file("md5", $uploaddir . 
$filename);
- $filehash = hash_file("md5", $_FILES['userfile']['tmp_name']);
-
- $exists = false;
- $check_if_filename_already_exists_db = $db->query("SELECT id, name FROM files WHERE parent=".$parentdir." AND folder='FILE'");
-
- while($row = $check_if_filename_already_exists_db->fetchArray(SQLITE3_NUM)){
- if($row[1] == $filename){
- $fileid = $row[0];
- $exists = true;
- break;
- }
- }
-
- $hashtest_db = $db->query("SELECT hash FROM files WHERE hash='" . $filehash ."';");
- $hashtest_ar = $hashtest_db->fetchArray(SQLITE3_NUM);
-
- /* new file was uploaded */
- if(empty($hashtest_ar[0])){
-
- if(!move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir . $_FILES['userfile']['name'])){
- return UPLOAD_MOVING;
- }
-
- /* checks if filename exists in the same directory */
- if($exists){
- $delete_file_db = $db->query("SELECT hash FROM files WHERE name='".$filename."' AND parent='".$parentdir."';");
- $delete_file_ar = $delete_file_db->fetchArray(SQLITE3_NUM);
-
- if(check_if_deletable($db, $fileid, $delete_file_ar[0])){
-
- if(!unlink($uploaddir.$delete_file_ar[0].".gz")){
- return UPLOAD_FILE_HANDLING;
- }
- }
- if(!database_upload_update($db, $fileid, $filename, $mime, $size, $share, $filehash)){
- return UPLOAD_DATABASE;
- }
- } else {
- if(!database_upload($db, $parentdir, $owner, $filename, $folder, $mime, $size, $share, $filehash)){
- return UPLOAD_DATABASE;
- }
- }
-
- $gzfile = $uploaddir . $filehash . ".gz";
- $fp = gzopen($gzfile, 'w9');
-
- if(!gzwrite($fp, file_get_contents($uploaddir . $filename))){
- return UPLOAD_FILE_HANDLING;
- }
-
- if(!gzclose($fp)){
- return UPLOAD_FILE_HANDLING;
- }
-
- if(!unlink($uploaddir . $filename)){
- return UPLOAD_FILE_HANDLING;
- }
-
- return UPLOAD_SUCCESS;
-
- /* new file already exists, only thing is a new entry in the database */
- } else {
-
- $dupl_db = $db->query("SELECT parent, mime, size, share, name FROM files WHERE hash='" . $filehash . 
"';");
-
- while($row = $dupl_db->fetchArray(SQLITE3_NUM)){
- if($row[0] == $parentdir){
- if($mime == $row[1] && $size == $row[2] && $share == $row[3] && $filename == $row[4]){
- return UPLOAD_DUPLICATE;
- }
- }
- }
-
- if($exists){
- $delete_file_db = $db->query("SELECT hash FROM files WHERE name='".$filename."' AND parent='".$parentdir."';");
- $delete_file_ar = $delete_file_db->fetchArray(SQLITE3_NUM);
-
- if(check_if_deletable($db, $fileid, $delete_file_ar[0])){
- if(!unlink($uploaddir.$delete_file_ar[0].".gz")){
- return UPLOAD_FILE_HANDLING;
- }
- }
- if(!database_upload_update($db, $fileid, $filename, $mime, $size, $share, $filehash)){
- return UPLOAD_DATABASE;
- }
- } else {
- if(!database_upload($db, $parentdir, $owner, $filename, $folder, $mime, $size, $share, $filehash)){
- return UPLOAD_DATABASE;
- }
- }
-
- if(!unlink($_FILES['userfile']['tmp_name'])){
- return UPLOAD_FILE_HANDLING;
- }
-
- return UPLOAD_SUCCESS;
- }
-}
-
-//not used atm
-
-//function web_upload($db){
-// $url = $_POST["url"];
-// if(!preg_match("/^((https?|ftp)?://|www\.|ftp\.)?([-a-z0-9+&@#/%?=~_|!:,.;]+\.)+[a-z]{2}[a-z]*/i", $url)){
-// echo "no hyperlink";
-// return false;
-// }
-// if(!preg_match("/^[a-zA-Z]+://", $url){
-// $url = "http://".$url;
-// }
-// $file = file_get_contents($url);
-// if(!$file){
-// echo "Couldn't download ".$url;
-// return false;
-// }
-//}
-- cgit v1.2.3