<?php

function database_upload($db, $parentdir, $owner, $filename, $folder, $mime, $size, $share, $filehash){
	if($db->exec("
		BEGIN TRANSACTION;
		INSERT INTO files (id, parent, owner, name, folder, mime, size, share, hash) VALUES (NULL, " . $parentdir . ", " . $owner . ", '" . $filename . "', '" . $folder . "', '" . $mime . "', '" . $size . "', '" . $share ."', '" . $filehash . "');
		COMMIT;
	")){
		return true;
	} else  {
		return false;
	}
}

function database_upload_update($db, $id, $name, $mime, $size, $share, $filehash){
	if($db->exec("
		BEGIN TRANSACTION;
		UPDATE files SET name='".$name."', mime='".$mime."', size='".$size."', share='".$share."', hash='".$filehash."' WHERE id=".$id.";
		COMMIT;
	")){
		return true;
	} else {
		return false;
	}
}

function upload($path){

	$db = $GLOBALS["db"];

	set_time_limit(0);

	if(!$_SESSION["login"]){
		return UPLOAD_LOGIN;
	}
	
	if($_FILES["userfile"]["error"] > 0 || !$_FILES['userfile']['size'] > 0 || empty($_FILES['userfile']['size'])){
		return UPLOAD_UPLOAD;
	}

	$parentdir = select_file_id($db, $_SESSION["userid"], $path);

	$folder_owner_db = $db->query("SELECT owner FROM files WHERE id=".$parentdir.";");
	$folder_owner_ar = $folder_owner_db->fetchArray(SQLITE3_NUM);

	if($folder_owner_ar[0] != $_SESSION["userid"]){
		return UPLOAD_FOLDER_NOT_OWNER;
	}

	$owner = $_SESSION["userid"];

	$overall_size_db = $db->query("SELECT size FROM files WHERE owner=" . $owner . " AND size > 0;");
	$overall_size = 0;
	while($row = $overall_size_db->fetchArray(SQLITE3_NUM)){
		$overall_size = $overall_size + $row[0];
	}
	
	if($overall_size > 2147483648){		// == 2GB
		return UPLOAD_QUOTA;
	}

	$filename = $_FILES['userfile']['name'];

	$folder = "FILE";
	$mime = $_FILES['userfile']['type'];
	$size = $_FILES['userfile']['size'];

	if(isset($_POST["share"])){
		$share = "PUBLIC";
	} else {
		$share = "PRIVATE";
	}

	$uploaddir = "../files/";

	//$filehash = hash_file("md5", $uploaddir . $filename);
	$filehash = hash_file("md5", $_FILES['userfile']['tmp_name']);

	$exists = false;
	$check_if_filename_already_exists_db = $db->query("SELECT id, name FROM files WHERE parent=".$parentdir." AND folder='FILE'");

	while($row = $check_if_filename_already_exists_db->fetchArray(SQLITE3_NUM)){
		if($row[1] == $filename){
			$fileid = $row[0];
			$exists = true;
			break;
		}
	}

	$hashtest_db = $db->query("SELECT hash FROM files WHERE hash='" . $filehash ."';");
	$hashtest_ar = $hashtest_db->fetchArray(SQLITE3_NUM);

	/* new file was uploaded */
	if(empty($hashtest_ar[0])){

		if(!move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir . $_FILES['userfile']['name'])){
			return UPLOAD_MOVING;
		}

		/* checks if filename exists in the same directory */
		if($exists){
			$delete_file_db = $db->query("SELECT hash FROM files WHERE name='".$filename."' AND parent='".$parentdir."';");
			$delete_file_ar = $delete_file_db->fetchArray(SQLITE3_NUM);

			if(check_if_deletable($db, $fileid, $delete_file_ar[0])){

				if(!unlink($uploaddir.$delete_file_ar[0].".gz")){
					return UPLOAD_FILE_HANDLING;
				}
			}
			if(!database_upload_update($db, $fileid, $filename, $mime, $size, $share, $filehash)){
				return UPLOAD_DATABASE;
			}
		} else {
			if(!database_upload($db, $parentdir, $owner, $filename, $folder, $mime, $size, $share, $filehash)){
				return UPLOAD_DATABASE;
			}	
		}

		$gzfile = $uploaddir . $filehash . ".gz";
		$fp = gzopen($gzfile, 'w9');

		if(!gzwrite($fp, file_get_contents($uploaddir . $filename))){
			return UPLOAD_FILE_HANDLING;
		}

		if(!gzclose($fp)){
			return UPLOAD_FILE_HANDLING;
		}

		if(!unlink($uploaddir . $filename)){
			return UPLOAD_FILE_HANDLING;
		}

		return UPLOAD_SUCCESS;

	/* new file already exists, only thing is a new entry in the database */
	} else {

		$dupl_db = $db->query("SELECT parent, mime, size, share, name FROM files WHERE hash='" . $filehash . "';");

		while($row = $dupl_db->fetchArray(SQLITE3_NUM)){
			if($row[0] == $parentdir){
				if($mime == $row[1] && $size == $row[2] && $share == $row[3] && $filename == $row[4]){
					return UPLOAD_DUPLICATE;
				}
			}
		}
		
		if($exists){
			$delete_file_db = $db->query("SELECT hash FROM files WHERE name='".$filename."' AND parent='".$parentdir."';");
			$delete_file_ar = $delete_file_db->fetchArray(SQLITE3_NUM);

			if(check_if_deletable($db, $fileid, $delete_file_ar[0])){
				if(!unlink($uploaddir.$delete_file_ar[0].".gz")){
					return UPLOAD_FILE_HANDLING;
				}
			}
			if(!database_upload_update($db, $fileid, $filename, $mime, $size, $share, $filehash)){
				return UPLOAD_DATABASE;
			}
		} else {
			if(!database_upload($db, $parentdir, $owner, $filename, $folder, $mime, $size, $share, $filehash)){
				return UPLOAD_DATABASE;
			}
		}

		if(!unlink($_FILES['userfile']['tmp_name'])){
			return UPLOAD_FILE_HANDLING;
		}

		return UPLOAD_SUCCESS;
	}
}

//not used atm

//function web_upload($db){
//	$url = $_POST["url"]; 
//	if(!preg_match("/^((https?|ftp)?://|www\.|ftp\.)?([-a-z0-9+&@#/%?=~_|!:,.;]+\.)+[a-z]{2}[a-z]*/i", $url)){
//		echo "no hyperlink";
//		return false;
//	}
//	if(!preg_match("/^[a-zA-Z]+://", $url){
//		$url = "http://".$url;
//	}
//	$file = file_get_contents($url);
//	if(!$file){
//		echo "Couldn't download ".$url;
//		return false;
//	}
//}