FILEUP

LOG | FILES | OVERVIEW 

F diff --git a/php/database.php b/php/database.php
--- a/php/database.php
+++ b/php/database.php

  			$prep->bindParam(':code',$code);

  			if($users=="")

  			{

- 				$prep->bindParam(':is_public',true);

+ 				$is_public=1;

  			}else

  			{

- 				$prep->bindParam(':is_public',false);

+ 				$is_public=0;

+ 				error_log("shared with $users is set to public=$is_public");

  			}

+ 			$prep->bindParam(':is_public',$is_public);

+ 

  			if($prep->execute()==false)

  			{

  				error_log("could not create shared node in create_shared_node");

  			$nod->node_id=$ret["node_id"];

  			$nod->password=$ret["passcode"];

  			$nod->code=$ret["code"];

+ 			$nod->is_public=$ret["is_public"];

  			return $nod;

  		}

  

F diff --git a/php/node.php b/php/node.php
--- a/php/node.php
+++ b/php/node.php

  		public $node_id;

  		public $code;

  		public $password;

+ 		public $is_public;

  	}

  	/*path is in terms of the simulated filesystem*/

  	/*returns NULL on error*/

F diff --git a/php/share.php b/php/share.php
--- a/php/share.php
+++ b/php/share.php

  

  if($_SERVER["REQUEST_METHOD"] == "POST")

  {

- 	if(!isset($_SESSION['user_object']) || !isset($_POST["folder"]) || !isset($_POST["filename"]) || !isset($_POST["users"]) || !isset($_POST["password"]) || !isset($_POST["premissions"]) )

+ 	if(!isset($_SESSION['user_object']) || !isset($_POST["folder"]) || !isset($_POST["filename"]) || !isset($_POST["users"]) || !isset($_POST["password"]) || !isset($_POST["permissions"]) )

  	{

+ 		error_log("things are not set quite right");

  		http_response_code(409);

  		exit(0);

  	}

  	$password=$_POST["password"];

  	$permissions=$_POST["permissions"];

  

+ 

  	if($permissions==1)

  	{

  		$can_read=true;

  		http_response_code(409);

  		exit(0);

  	}

- 	$permissions=$database->get_permissions($shared_node->node_id,$user->user_id);

- 	if($permissions["can_view"]==true)

+ 	if(isset($_SESSION["user_object"]))

  	{

- 		$node=$database->get_node($shared_node->node_id);

- 		if($node->is_directory)

+ 		$user=$_SESSION["user_object"];

+ 		$permissions=$database->get_permissions($shared_node->node_id,$user->user_id);

+ 		if($permissions["can_view"]==true)

  		{

- 			/*spooky stuff here*/

- 			http_response_code(409);

- 			exit(1);

+ 			$node=$database->get_node($shared_node->node_id);

+ 			if($node->is_directory)

+ 			{

+ 				/*spooky stuff here*/

+ 				http_response_code(409);

+ 				exit(1);

+ 			}else

+ 			{

+ 				header("Content-type: $node->type");

+ 				readfile("$storage_root/$node->code");

+ 			}

+ 		}

+ 	}else

+ 	{

+ 		if($shared_node->is_public==true)

+ 		{

+ 			$node=$database->get_node($shared_node->node_id);

+ 			if($node->is_directory)

+ 			{

+ 				/*spooky stuff here*/

+ 				http_response_code(409);

+ 				exit(1);

+ 			}else

+ 			{

+ 				header("Content-type: $node->type");

+ 				readfile("$storage_root/$node->code");

+ 			}

  		}else

  		{

- 			header("Content-type: $node->type");

- 			readfile("$storage_root/$node->code");

+ 			http_response_code(409);

+ 			exit(1);

  		}

  	}

  

  

  

+ 

  }else

  {

  	http_response_code(409);