F diff --git a/loggedin.js b/loggedin.js --- a/loggedin.js +++ b/loggedin.jsfunction open_file(fileview) {var data = new FormData();data.append('folder', get_path());- data.append('path', get_path());+ data.append('filename', fileview.filename);var xhr = new XMLHttpRequest();xhr.open('POST', '/php/readfile.php', true);xhr.onload = function () {-+ console.log(xhr.responseText);};xhr.send(data);}F diff --git a/php/node.php b/php/node.php --- a/php/node.php +++ b/php/node.php/*path is in terms of the simulated filesystem*/function get_directory(string $abstract_path,User $user){- error_log("getting directory".$abstract_path." for ".$user->username);-global $database;- if($abstract_path[0] != "/")- {+ if($abstract_path[0] != "/") {return NULL;}- $component = strtok($abstract_path,"/");- $current_dir = $user->home_directory;+ $component = strtok($abstract_path,"/");+ $current_dir = $user->home_directory;- while($component)- {+ while ($component) {$current_dir = $database->get_node_id($component, $current_dir);- $component = strtok("/");- }+ $component = strtok("/");+ };- return $current_dir;+ return $current_dir;}/*returns an assoc arrat of Node-s*/global $database;$parent_dir_id=get_directory($abstract_path,$user);-if($database->check_if_name_is_taken($directory_name,$parent_dir_id)){return NULL;F diff --git a/php/readfile.php b/php/readfile.php --- a/php/readfile.php +++ b/php/readfile.phprequire_once "misc.php";session_start();- if (!isset($_POST["filename"]) || !isset($_FILES["folder"])) {+ if (!isset($_POST["filename"]) || !isset($_POST["folder"])) {error_log("/php/readfile.php - invalid request");http_response_code(400);exit(1);$dir = get_directory($folder, $user);if (!$dir) {- error_log("i/php/readfile.php - invalid directory");+ error_log("/php/readfile.php - invalid directory");http_response_code(409);exit(0);}foreach ($contents_of_dir as $c) {if ($c['name'] == $filename) {$file_node = $c;+ break;}}+ if (!$file_node) {+ error_log("/php/readfile.php - invalid filename");+ http_response_code(409);+ exit(0);+ }++ header("Content-type: $file_node[mimetype]");- var_error_log($file_node);+ readfile("$storage_root/$file_node[code]");F diff --git a/sql/fileshare.sql b/sql/fileshare.sql --- a/sql/fileshare.sql +++ b/sql/fileshare.sqlemail varchar(50),home_directory int not null,primary key (user_id),- foreign key (home_directory) references nodes(node_id) on delete cascade+ foreign key (home_directory) references nodes(node_id));create table node_access (can_view boolean not null default true,can_edit boolean not null default false,- foreign key (node_id) references nodes(node_id) on delete cascade,- foreign key (user_id) references users(user_id) on delete cascade+ foreign key (node_id) references nodes(node_id),+ foreign key (user_id) references users(user_id));/*we can name a node in many different ways */create table node_links (name varchar(100) not null default 'no name',note varchar(200) not null default "",check (directory_id != node_id),- foreign key (directory_id) references nodes(node_id) on delete cascade,- foreign key (node_id) references nodes(node_id) on delete cascade+ foreign key (directory_id) references nodes(node_id),+ foreign key (node_id) references nodes(node_id));